A NULL pointer dereference flaw was found in the way LibVNCServer before 0.9.9 handled certain ClientCutText message. A remote attacker could use this flaw to crash the VNC server by sending a specially crafted ClientCutText message from a VNC client.
Software | From | Fixed in |
---|---|---|
fedoraproject / fedora | 19 | 19.x |
fedoraproject / fedora | 20 | 20.x |
fedoraproject / fedora | 21 | 21.x |
libvncserver_project / libvncserver | - | 0.9.9 |