oss-sec mailing list archives

Re: LibVNCServer rfbserver.c: rfbProcessClientNormalMessage() case rfbClientCutText doesn't sanitize msg.cct.length

From: Karol Babioch <kbabioch () suse de>
Date: Mon, 19 Feb 2018 16:08:24 +0100

Hi,

Am 18.02.2018 um 19:09 schrieb Solar Designer:

In case anyone cares and would have asked, no, I did not request CVE
ID(s) for this, and I don't intend to do so.


this has been assigned: CVE-2018-7225

Best regards,
Karol Babioch

-- 
OpenPGP: 4687 CA1E A0F7 3B1E BB7D  E179 DF49 418F 6267 267B

SUSE Linux GmbH
GF: Felix Imendörffer, Jane Smithard, Graham Norton
HRB 21284 (AG Nürnberg)

Attachment: signature.asc
Description: OpenPGP digital signature

Current thread:

LibVNCServer rfbserver.c: rfbProcessClientNormalMessage() case rfbClientCutText doesn't sanitize msg.cct.length Solar Designer (Feb 18)
- Re: LibVNCServer rfbserver.c: rfbProcessClientNormalMessage() case rfbClientCutText doesn't sanitize msg.cct.length Solar Designer (Feb 18)
  - Re: LibVNCServer rfbserver.c: rfbProcessClientNormalMessage() case rfbClientCutText doesn't sanitize msg.cct.length Anthony Liguori (Feb 18)
  - Re: LibVNCServer rfbserver.c: rfbProcessClientNormalMessage() case rfbClientCutText doesn't sanitize msg.cct.length Karol Babioch (Feb 19)
- Re: LibVNCServer rfbserver.c: rfbProcessClientNormalMessage() case rfbClientCutText doesn't sanitize msg.cct.length Karol Babioch (Feb 19)
- Re: LibVNCServer rfbserver.c: rfbProcessClientNormalMessage() case rfbClientCutText doesn't sanitize msg.cct.length Solar Designer (Feb 22)
  - Re: LibVNCServer rfbserver.c: rfbProcessClientNormalMessage() case rfbClientCutText doesn't sanitize msg.cct.length Solar Designer (Mar 25)