FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

libvncserver -- multiple buffer overflows

Affected packages
libvncserver < 0.9.11


VuXML ID 64be967a-d379-11e6-a071-001e67f15f5a
Discovery 2016-11-24
Entry 2017-01-09

libvnc server reports:

Two unrelated buffer overflows can be used by a malicious server to overwrite parts of the heap and crash the client (or possibly execute arbitrary code).


CVE Name CVE-2016-9941
CVE Name CVE-2016-9942
FreeBSD PR ports/215805