{"containers": {"cna": {"affected": [{"product": "LibVNC", "vendor": "n/a", "versions": [{"status": "affected", "version": "commit 502821828ed00b4a2c4bef90683d0fd88ce495de"}]}], "datePublic": "2018-12-19T00:00:00", "descriptions": [{"lang": "en", "value": "LibVNC before commit 502821828ed00b4a2c4bef90683d0fd88ce495de contains heap out-of-bound write vulnerability in server code of file transfer extension that can result remote code execution"}], "problemTypes": [{"descriptions": [{"description": "Heap Out-of-Bound write", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-10-23T12:06:30", "orgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988", "shortName": "Kaspersky"}, "references": [{"name": "DSA-4383", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "https://www.debian.org/security/2019/dsa-4383"}, {"name": "[debian-lts-announce] 20181227 [SECURITY] [DLA 1617-1] libvncserver security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2018/12/msg00017.html"}, {"tags": ["x_refsource_MISC"], "url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-028-libvnc-heap-out-of-bound-write/"}, {"name": "USN-3877-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/3877-1/"}, {"name": "RHSA-2019:0059", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:0059"}, {"name": "[debian-lts-announce] 20191030 [SECURITY] [DLA 1979-1] italc security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00042.html"}, {"name": "USN-4547-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/4547-1/"}, {"name": "USN-4587-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/4587-1/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "vulnerability@kaspersky.com", "ID": "CVE-2018-15127", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "LibVNC", "version": {"version_data": [{"version_value": "commit 502821828ed00b4a2c4bef90683d0fd88ce495de"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "LibVNC before commit 502821828ed00b4a2c4bef90683d0fd88ce495de contains heap out-of-bound write vulnerability in server code of file transfer extension that can result remote code execution"}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Heap Out-of-Bound write"}]}]}, "references": {"reference_data": [{"name": "DSA-4383", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2019/dsa-4383"}, {"name": "[debian-lts-announce] 20181227 [SECURITY] [DLA 1617-1] libvncserver security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2018/12/msg00017.html"}, {"name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-028-libvnc-heap-out-of-bound-write/", "refsource": "MISC", "url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-028-libvnc-heap-out-of-bound-write/"}, {"name": "USN-3877-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3877-1/"}, {"name": "RHSA-2019:0059", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:0059"}, {"name": "[debian-lts-announce] 20191030 [SECURITY] [DLA 1979-1] italc security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00042.html"}, {"name": "USN-4547-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4547-1/"}, {"name": "USN-4587-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4587-1/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T09:46:25.625Z"}, "title": "CVE Program Container", "references": [{"name": "DSA-4383", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "https://www.debian.org/security/2019/dsa-4383"}, {"name": "[debian-lts-announce] 20181227 [SECURITY] [DLA 1617-1] libvncserver security update", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2018/12/msg00017.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-028-libvnc-heap-out-of-bound-write/"}, {"name": "USN-3877-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/3877-1/"}, {"name": "RHSA-2019:0059", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2019:0059"}, {"name": "[debian-lts-announce] 20191030 [SECURITY] [DLA 1979-1] italc security update", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00042.html"}, {"name": "USN-4547-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/4547-1/"}, {"name": "USN-4587-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/4587-1/"}]}]}, "cveMetadata": {"assignerOrgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988", "assignerShortName": "Kaspersky", "cveId": "CVE-2018-15127", "datePublished": "2018-12-19T16:00:00", "dateReserved": "2018-08-06T00:00:00", "dateUpdated": "2024-08-05T09:46:25.625Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:libvnc_project:libvncserver:*:*:*:*:*:*:*:*", "matchCriteriaId": "DEF1BF44-78B8-44E3-9A5A-29AB8111322B", "versionEndExcluding": "0.9.12", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "matchCriteriaId": "07C312A0-CD2C-4B9C-B064-6409B25C278F", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "matchCriteriaId": "BF77CDCF-B9C9-427D-B2BF-36650FB2148C", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "LibVNC before commit 502821828ed00b4a2c4bef90683d0fd88ce495de contains heap out-of-bound write vulnerability in server code of file transfer extension that can result remote code execution"}, {"lang": "es", "value": "LibVNC antes del commit con ID 502821828ed00b4a2c4bef90683d0fd88ce495de contiene una vulnerabilidad de escritura de memoria din\u00e1mica (heap) fuera de l\u00edmites en el c\u00f3digo del servidor de la extensi\u00f3n de transferencia de archivos que puede resultar en la ejecuci\u00f3n remota de c\u00f3digo."}], "id": "CVE-2018-15127", "lastModified": "2020-10-23T13:15:13.953", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-12-19T16:29:00.297", "references": [{"source": "vulnerability@kaspersky.com", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2019:0059"}, {"source": "vulnerability@kaspersky.com", "tags": ["Third Party Advisory"], "url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-028-libvnc-heap-out-of-bound-write/"}, {"source": "vulnerability@kaspersky.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2018/12/msg00017.html"}, {"source": "vulnerability@kaspersky.com", "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00042.html"}, {"source": "vulnerability@kaspersky.com", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/3877-1/"}, {"source": "vulnerability@kaspersky.com", "url": "https://usn.ubuntu.com/4547-1/"}, {"source": "vulnerability@kaspersky.com", "url": "https://usn.ubuntu.com/4587-1/"}, {"source": "vulnerability@kaspersky.com", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2019/dsa-4383"}], "sourceIdentifier": "vulnerability@kaspersky.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2019:0059", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "libvncserver-0:0.9.9-13.el7_6", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2019-01-15T00:00:00Z"}], "bugzilla": {"description": "libvncserver: Heap out-of-bounds write in rfbserver.c in rfbProcessFileTransferReadBuffer() allows for potential code execution", "id": "1661102", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1661102"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-122", "details": ["LibVNC before commit 502821828ed00b4a2c4bef90683d0fd88ce495de contains heap out-of-bound write vulnerability in server code of file transfer extension that can result remote code execution"], "name": "CVE-2018-15127", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Will not fix", "package_name": "libvncserver", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "libvncserver", "product_name": "Red Hat Enterprise Linux 8"}], "public_date": "2018-12-19T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2018-15127\nhttps://nvd.nist.gov/vuln/detail/CVE-2018-15127\nhttps://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-028-libvnc-heap-out-of-bound-write/"], "threat_severity": "Important"}