{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2018-02-19T00:00:00", "descriptions": [{"lang": "en", "value": "An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClientNormalMessage() in rfbserver.c does not sanitize msg.cct.length, leading to access to uninitialized and potentially sensitive data or possibly unspecified other impact (e.g., an integer overflow) via specially crafted VNC packets."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-10-23T12:06:23", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "DSA-4221", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "https://www.debian.org/security/2018/dsa-4221"}, {"name": "USN-3618-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/3618-1/"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/LibVNC/libvncserver/issues/218"}, {"name": "[debian-lts-announce] 20180330 [SECURITY] [DLA 1332-1] libvncserver security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00035.html"}, {"name": "103107", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/103107"}, {"tags": ["x_refsource_MISC"], "url": "http://www.openwall.com/lists/oss-security/2018/02/18/1"}, {"name": "RHSA-2018:1055", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:1055"}, {"name": "GLSA-201908-05", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201908-05"}, {"name": "[debian-lts-announce] 20191030 [SECURITY] [DLA 1979-1] italc security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00042.html"}, {"name": "[debian-lts-announce] 20191129 [SECURITY] [DLA 2014-1] vino security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00032.html"}, {"name": "[debian-lts-announce] 20191221 [SECURITY] [DLA 2045-1] tightvnc security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2019/12/msg00028.html"}, {"name": "USN-4547-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/4547-1/"}, {"name": "USN-4573-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/4573-1/"}, {"name": "USN-4587-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/4587-1/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-7225", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClientNormalMessage() in rfbserver.c does not sanitize msg.cct.length, leading to access to uninitialized and potentially sensitive data or possibly unspecified other impact (e.g., an integer overflow) via specially crafted VNC packets."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "DSA-4221", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2018/dsa-4221"}, {"name": "USN-3618-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3618-1/"}, {"name": "https://github.com/LibVNC/libvncserver/issues/218", "refsource": "MISC", "url": "https://github.com/LibVNC/libvncserver/issues/218"}, {"name": "[debian-lts-announce] 20180330 [SECURITY] [DLA 1332-1] libvncserver security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00035.html"}, {"name": "103107", "refsource": "BID", "url": "http://www.securityfocus.com/bid/103107"}, {"name": "http://www.openwall.com/lists/oss-security/2018/02/18/1", "refsource": "MISC", "url": "http://www.openwall.com/lists/oss-security/2018/02/18/1"}, {"name": "RHSA-2018:1055", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1055"}, {"name": "GLSA-201908-05", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201908-05"}, {"name": "[debian-lts-announce] 20191030 [SECURITY] [DLA 1979-1] italc security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00042.html"}, {"name": "[debian-lts-announce] 20191129 [SECURITY] [DLA 2014-1] vino security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00032.html"}, {"name": "[debian-lts-announce] 20191221 [SECURITY] [DLA 2045-1] tightvnc security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2019/12/msg00028.html"}, {"name": "USN-4547-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4547-1/"}, {"name": "USN-4573-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4573-1/"}, {"name": "USN-4587-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4587-1/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T06:24:11.789Z"}, "title": "CVE Program Container", "references": [{"name": "DSA-4221", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "https://www.debian.org/security/2018/dsa-4221"}, {"name": "USN-3618-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/3618-1/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/LibVNC/libvncserver/issues/218"}, {"name": "[debian-lts-announce] 20180330 [SECURITY] [DLA 1332-1] libvncserver security update", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00035.html"}, {"name": "103107", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/103107"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2018/02/18/1"}, {"name": "RHSA-2018:1055", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:1055"}, {"name": "GLSA-201908-05", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "https://security.gentoo.org/glsa/201908-05"}, {"name": "[debian-lts-announce] 20191030 [SECURITY] [DLA 1979-1] italc security update", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00042.html"}, {"name": "[debian-lts-announce] 20191129 [SECURITY] [DLA 2014-1] vino security update", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00032.html"}, {"name": "[debian-lts-announce] 20191221 [SECURITY] [DLA 2045-1] tightvnc security update", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2019/12/msg00028.html"}, {"name": "USN-4547-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/4547-1/"}, {"name": "USN-4573-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/4573-1/"}, {"name": "USN-4587-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/4587-1/"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-7225", "datePublished": "2018-02-19T15:00:00", "dateReserved": "2018-02-19T00:00:00", "dateUpdated": "2024-08-05T06:24:11.789Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:libvncserver_project:libvncserver:*:*:*:*:*:*:*:*", "matchCriteriaId": "2759BD3D-4A3F-468E-BC5C-83555C12E14D", "versionEndIncluding": "0.9.11", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "matchCriteriaId": "9070C9D8-A14A-467F-8253-33B966C16886", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "matchCriteriaId": "BF77CDCF-B9C9-427D-B2BF-36650FB2148C", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClientNormalMessage() in rfbserver.c does not sanitize msg.cct.length, leading to access to uninitialized and potentially sensitive data or possibly unspecified other impact (e.g., an integer overflow) via specially crafted VNC packets."}, {"lang": "es", "value": "Se ha descubierto un problema en LibVNCServer hasta la versi\u00f3n 0.9.11. rfbProcessClientNormalMessage() en rfbserver.c no sanea msg.cct.length, lo que conduce a un acceso a datos no inicializados y potencialmente sensibles o, posiblemente, a otro tipo de impacto sin especificar (por ejemplo, un desbordamiento de enteros) mediante paquetes VNC especialmente manipulados."}], "id": "CVE-2018-7225", "lastModified": "2020-10-23T13:15:15.437", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-02-19T15:29:00.253", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2018/02/18/1"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/103107"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:1055"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://github.com/LibVNC/libvncserver/issues/218"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00035.html"}, {"source": "cve@mitre.org", "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00042.html"}, {"source": "cve@mitre.org", "url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00032.html"}, {"source": "cve@mitre.org", "url": "https://lists.debian.org/debian-lts-announce/2019/12/msg00028.html"}, {"source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201908-05"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/3618-1/"}, {"source": "cve@mitre.org", "url": "https://usn.ubuntu.com/4547-1/"}, {"source": "cve@mitre.org", "url": "https://usn.ubuntu.com/4573-1/"}, {"source": "cve@mitre.org", "url": "https://usn.ubuntu.com/4587-1/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2018/dsa-4221"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-190"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2018:1055", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "libvncserver-0:0.9.9-12.el7_5", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2018-04-10T00:00:00Z"}], "bugzilla": {"description": "libvncserver: Improper input sanitization in rfbProcessClientNormalMessage in rfbserver.c", "id": "1546858", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1546858"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.4", "cvss3_scoring_vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L", "status": "verified"}, "cwe": "CWE-805", "details": ["An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClientNormalMessage() in rfbserver.c does not sanitize msg.cct.length, leading to access to uninitialized and potentially sensitive data or possibly unspecified other impact (e.g., an integer overflow) via specially crafted VNC packets."], "name": "CVE-2018-7225", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Will not fix", "package_name": "libvncserver", "product_name": "Red Hat Enterprise Linux 6"}], "public_date": "2018-02-18T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2018-7225\nhttps://nvd.nist.gov/vuln/detail/CVE-2018-7225"], "threat_severity": "Moderate"}