CVE-2018-15127

HIGH

Description

LibVNC before commit 502821828ed00b4a2c4bef90683d0fd88ce495de contains heap out-of-bound write vulnerability in server code of file transfer extension that can result remote code execution

References

https://access.redhat.com/errata/RHSA-2019:0059

https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-028-libvnc-heap-out-of-bound-write/

https://lists.debian.org/debian-lts-announce/2018/12/msg00017.html

https://lists.debian.org/debian-lts-announce/2019/10/msg00042.html

https://usn.ubuntu.com/3877-1/

https://www.debian.org/security/2019/dsa-4383

Details

Source: MITRE

Published: 2018-12-19

Updated: 2019-10-31

Type: CWE-787

Risk Information

CVSS v2.0

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH

CVSS v3.0

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 3.9

Severity: CRITICAL

Vulnerable Software

ID	Name	Product	Family	Severity
130408	Debian DLA-1979-1 : italc security update	Nessus	Debian Local Security Checks	high
127237	NewStart CGSL CORE 5.04 / MAIN 5.04 : libvncserver Multiple Vulnerabilities (NS-SA-2019-0052)	Nessus	NewStart CGSL Local Security Checks	high
122378	EulerOS 2.0 SP2 : libvncserver (EulerOS-SA-2019-1051)	Nessus	Huawei Local Security Checks	high
122206	EulerOS 2.0 SP5 : libvncserver (EulerOS-SA-2019-1033)	Nessus	Huawei Local Security Checks	high
122205	EulerOS 2.0 SP3 : libvncserver (EulerOS-SA-2019-1032)	Nessus	Huawei Local Security Checks	high
122162	Amazon Linux 2 : libvncserver (ALAS-2019-1161)	Nessus	Amazon Linux Local Security Checks	high
121561	Debian DSA-4383-1 : libvncserver - security update	Nessus	Debian Local Security Checks	high
121541	Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 18.10 : libvncserver vulnerabilities (USN-3877-1)	Nessus	Ubuntu Local Security Checks	high
121282	openSUSE Security Update : LibVNCServer (openSUSE-2019-53)	Nessus	SuSE Local Security Checks	high
121216	CentOS 7 : libvncserver (CESA-2019:0059)	Nessus	CentOS Local Security Checks	high
121205	Scientific Linux Security Update : libvncserver on SL7.x x86_64	Nessus	Scientific Linux Local Security Checks	high
121203	RHEL 7 : libvncserver (RHSA-2019:0059)	Nessus	Red Hat Local Security Checks	high
121200	Oracle Linux 7 : libvncserver (ELSA-2019-0059)	Nessus	Oracle Linux Local Security Checks	high
121160	SUSE SLES11 Security Update : LibVNCServer (SUSE-SU-2019:13927-1)	Nessus	SuSE Local Security Checks	high
121158	SUSE SLED15 / SLES15 Security Update : LibVNCServer (SUSE-SU-2019:0080-1)	Nessus	SuSE Local Security Checks	high
121154	openSUSE Security Update : LibVNCServer (openSUSE-2019-45)	Nessus	SuSE Local Security Checks	high
121094	SUSE SLES12 Security Update : LibVNCServer (SUSE-SU-2019:0060-1)	Nessus	SuSE Local Security Checks	high
119877	Debian DLA-1617-1 : libvncserver security update	Nessus	Debian Local Security Checks	high