oss-sec mailing list archives
Re: LibVNCServer rfbserver.c: rfbProcessClientNormalMessage() case rfbClientCutText doesn't sanitize msg.cct.length
From: Anthony Liguori <anthony () codemonkey ws>
Date: Sun, 18 Feb 2018 14:26:02 -0800
FWIW, QEMU had a similar issue a few years ago. There's no shared code, but I bet your test case would have worked there too. https://access.redhat.com/security/cve/cve-2015-5239 Regards, Anthony Liguori
Current thread:
- LibVNCServer rfbserver.c: rfbProcessClientNormalMessage() case rfbClientCutText doesn't sanitize msg.cct.length Solar Designer (Feb 18)
- Re: LibVNCServer rfbserver.c: rfbProcessClientNormalMessage() case rfbClientCutText doesn't sanitize msg.cct.length Solar Designer (Feb 18)
- Re: LibVNCServer rfbserver.c: rfbProcessClientNormalMessage() case rfbClientCutText doesn't sanitize msg.cct.length Anthony Liguori (Feb 18)
- Re: LibVNCServer rfbserver.c: rfbProcessClientNormalMessage() case rfbClientCutText doesn't sanitize msg.cct.length Karol Babioch (Feb 19)
- Re: LibVNCServer rfbserver.c: rfbProcessClientNormalMessage() case rfbClientCutText doesn't sanitize msg.cct.length Karol Babioch (Feb 19)
- Re: LibVNCServer rfbserver.c: rfbProcessClientNormalMessage() case rfbClientCutText doesn't sanitize msg.cct.length Solar Designer (Feb 22)
- Re: LibVNCServer rfbserver.c: rfbProcessClientNormalMessage() case rfbClientCutText doesn't sanitize msg.cct.length Solar Designer (Feb 18)