libvncclient/sockets.c in LibVNCServer before 0.9.13 has a buffer overflow via a long socket filename.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
Configuration 10 (hide)
|
History
07 Nov 2023, 03:09
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
10 Mar 2022, 15:23
Type | Values Removed | Values Added |
---|---|---|
References | (MLIST) https://lists.debian.org/debian-lts-announce/2020/08/msg00045.html - Mailing List, Third Party Advisory | |
References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00066.html - Mailing List, Third Party Advisory | |
References | (CONFIRM) https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf - Patch, Third Party Advisory | |
References | (UBUNTU) https://usn.ubuntu.com/4434-1/ - Third Party Advisory | |
First Time |
Siemens simatic Itc2200
Siemens simatic Itc2200 Pro Firmware Siemens Siemens simatic Itc1900 Pro Siemens simatic Itc1500 Libvnc Project Siemens simatic Itc1900 Siemens simatic Itc2200 Pro Canonical ubuntu Linux Siemens simatic Itc1900 Firmware Siemens simatic Itc1900 Pro Firmware Siemens simatic Itc1500 Pro Firmware Siemens simatic Itc2200 Firmware Siemens simatic Itc1500 Firmware Canonical Libvnc Project libvncserver Siemens simatic Itc1500 Pro |
|
CPE | cpe:2.3:a:libvncserver_project:libvncserver:*:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:* cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:* |
cpe:2.3:h:siemens:simatic_itc1500:-:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:* cpe:2.3:h:siemens:simatic_itc2200_pro:-:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:* cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:* cpe:2.3:o:siemens:simatic_itc1900_pro_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:* cpe:2.3:h:siemens:simatic_itc1500_pro:-:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:* cpe:2.3:o:siemens:simatic_itc1900_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_itc2200_pro_firmware:*:*:*:*:*:*:*:* cpe:2.3:a:libvnc_project:libvncserver:*:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_itc2200_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_itc1500_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_itc1900:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_itc2200:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_itc1900_pro:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_itc1500_pro_firmware:*:*:*:*:*:*:*:* |
14 Dec 2021, 14:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2020-06-17 16:15
Updated : 2023-12-10 13:27
NVD link : CVE-2019-20839
Mitre link : CVE-2019-20839
CVE.ORG link : CVE-2019-20839
JSON object : View
Products Affected
siemens
- simatic_itc1500_pro_firmware
- simatic_itc2200_pro_firmware
- simatic_itc2200_firmware
- simatic_itc1900_pro
- simatic_itc1500
- simatic_itc1900_firmware
- simatic_itc1500_pro
- simatic_itc1500_firmware
- simatic_itc2200
- simatic_itc1900_pro_firmware
- simatic_itc1900
- simatic_itc2200_pro
opensuse
- leap
canonical
- ubuntu_linux
libvnc_project
- libvncserver
debian
- debian_linux
CWE
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')