[Secure-testing-team] Bug#513531: CVE-2008-4770: Arbitrary code execution via crafted RFB protocol data
Steffen Joeris
steffen.joeris at skolelinux.de
Thu Jan 29 22:30:24 UTC 2009
Package: xvnc4viewer
Severity: grave
Tags: security, patch
Justification: user security hole
Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for vnc4.
CVE-2008-4770[0]:
| The CMsgReader::readRect function in the VNC Viewer component in
| RealVNC VNC Free Edition 4.0 through 4.1.2, Enterprise Edition E4.0
| through E4.4.2, and Personal Edition P4.0 through P4.4.2 allows remote
| VNC servers to execute arbitrary code via crafted RFB protocol data,
| related to "encoding type."
The upstream patch[1] can be found in the redhat bugreport[2].
For lenny, this could be fixed via migration from unstable. Please CC
secure-testing-team at lists.alioth.debian.org when you email the release
team and ask for the unblock, so we are kept in the loop.
I guess the issue is also severe enough to warrant a DSA update. I
haven't tried to exploit it yet though.
If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.
Cheers
Steffen
For further information see:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4770
http://security-tracker.debian.net/tracker/CVE-2008-4770
[1] https://bugzilla.redhat.com/attachment.cgi?id=329323
[2] https://bugzilla.redhat.com/show_bug.cgi?id=480590
More information about the Secure-testing-team
mailing list