Heap Out-of-Bounds Write Vulnerabilities in LibVNC (CVE-2018-20019 Incomplete Fix)

Heap Out-of-Bounds Write Vulnerabilities in LibVNC (CVE-2018-20019 Incomplete Fix)

CVE-2018-20748 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

LibVNC before 0.9.12 contains multiple heap out-of-bounds write vulnerabilities in libvncclient/rfbproto.c. The fix for CVE-2018-20019 was incomplete.

Learn more about our Web Application Penetration Testing UK.