Multiple heap-based buffer overflows in the ZRLE_DECODE function in common/rfb/zrleDecode.h in TigerVNC before 1.3.1, when NDEBUG is enabled, allow remote VNC servers to cause a denial of service (vncviewer crash) and possibly execute arbitrary code via vectors related to screen image rendering.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2020-01-02T19:34:29

Updated: 2024-08-06T08:58:26.465Z

Reserved: 2013-12-03T00:00:00

Link: CVE-2014-0011

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-01-02T20:15:15.943

Modified: 2024-11-21T02:01:10.227

Link: CVE-2014-0011

cve-icon Redhat

Severity : Moderate

Publid Date: 2014-03-19T00:00:00Z

Links: CVE-2014-0011 - Bugzilla