LibVNCServer before 0.9.12 release contains multiple CWE-665: Improper Initialization weaknesses in VNC client code, which could allow an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory layout and bypass ASLR.
Filter
Materials
Advisories RSS feedBack to top 