LibVNC before 0.9.12 contains multiple heap out-of-bounds write vulnerabilities in libvncclient/rfbproto.c. The fix for CVE-2018-20019 was incomplete.
{ "vanir_signatures": [ { "digest": { "function_hash": "12073792519026169399055785631219693532", "length": 15576.0 }, "signature_type": "Function", "source": "https://github.com/libvnc/libvncserver/commit/c5ba3fee85a7ecbbca1df5ffd46d32b92757bc2a", "target": { "file": "libvncclient/rfbproto.c", "function": "HandleRFBServerMessage" }, "signature_version": "v1", "deprecated": false, "id": "CVE-2018-20748-08854b13" }, { "digest": { "threshold": 0.9, "line_hashes": [ "270509393327960365748685557792116831529", "339080614919184849562659400147945780071", "64130665682880843821983036439133378936" ] }, "signature_type": "Line", "source": "https://github.com/libvnc/libvncserver/commit/c5ba3fee85a7ecbbca1df5ffd46d32b92757bc2a", "target": { "file": "libvncclient/rfbproto.c" }, "signature_version": "v1", "deprecated": false, "id": "CVE-2018-20748-0b22567d" }, { "digest": { "function_hash": "10960388733564271478810429185117381064", "length": 5908.0 }, "signature_type": "Function", "source": "https://github.com/libvnc/libvncserver/commit/c2c4b81e6cb3b485fb1ec7ba9e7defeb889f6ba7", "target": { "file": "libvncclient/rfbproto.c", "function": "InitialiseRFBConnection" }, "signature_version": "v1", "deprecated": false, "id": "CVE-2018-20748-176ae729" }, { "digest": { "threshold": 0.9, "line_hashes": [ "84254960534042679304898155536848478938", "229182929739848597540272855473505075433", "115731688294628139041249038760087468019", "156742973387989093744999065882890282457", "18986867539264785500836444447235716003", "327672349231850461330309473341739004649", "261231394109844298851280895027001000244", "229168025549519204340232600263267761807", "275728552090777867912254788668352838754", "151824325577326328618624340157490703907", "9348145879045515320510991002503792313", "148911456807679930241696454170955397488", "112199142315684300816713298166637093662", "187705582706621887419278322729715856347", "263731156095950383603620943064324895933", "297806058703144532571028024813191253497", "51769818584508438110519051427363784447", "113083062255153038556578360505666650981", "325505835386720914190865311049142576472", "62999022195970164746107415712837845449", "112789040044497643031359286117832382587", "308154534991506749896500995657121119093", "200506341704626692209286585776910429216", "101998477725413349209740746363961562237", "32033155045609333690931372275612489014", "179927953864933067046227322835480299827", "17477881472269248878805326582813571863", "180523357266728249606342258885786632422", "149213466137440147855395994301553634432", "126458165601713626752401871524499364634", "70885801530116225762531409400628429665", "102241635113009843242978653705094788505", "9359558918966510524030243105310737953", "14098776365981166191690015329525542095" ] }, "signature_type": "Line", "source": "https://github.com/libvnc/libvncserver/commit/e34bcbb759ca5bef85809967a268fdf214c1ad2c", "target": { "file": "libvncclient/rfbproto.c" }, "signature_version": "v1", "deprecated": false, "id": "CVE-2018-20748-29b68c4a" }, { "digest": { "function_hash": "19136878182694543325154733579835355724", "length": 354.0 }, "signature_type": "Function", "source": "https://github.com/libvnc/libvncserver/commit/e34bcbb759ca5bef85809967a268fdf214c1ad2c", "target": { "file": "libvncclient/rfbproto.c", "function": "ReadReason" }, "signature_version": "v1", "deprecated": false, "id": "CVE-2018-20748-7763fe38" }, { "digest": { "function_hash": "81516632951978516956560941625738253426", "length": 923.0 }, "signature_type": "Function", "source": "https://github.com/libvnc/libvncserver/commit/e34bcbb759ca5bef85809967a268fdf214c1ad2c", "target": { "file": "libvncclient/rfbproto.c", "function": "rfbHandleAuthResult" }, "signature_version": "v1", "deprecated": false, "id": "CVE-2018-20748-b101720b" }, { "digest": { "function_hash": "239437395293931296180168060981629595350", "length": 15751.0 }, "signature_type": "Function", "source": "https://github.com/libvnc/libvncserver/commit/a64c3b37af9a6c8f8009d7516874b8d266b42bae", "target": { "file": "libvncclient/rfbproto.c", "function": "HandleRFBServerMessage" }, "signature_version": "v1", "deprecated": false, "id": "CVE-2018-20748-d032e6dd" }, { "digest": { "threshold": 0.9, "line_hashes": [ "108087407148696150833288407683186954685", "226737037679807783954352500040664192893", "93437074213428856082594084905517306605", "5769886536685312212134599478874627330" ] }, "signature_type": "Line", "source": "https://github.com/libvnc/libvncserver/commit/c2c4b81e6cb3b485fb1ec7ba9e7defeb889f6ba7", "target": { "file": "libvncclient/rfbproto.c" }, "signature_version": "v1", "deprecated": false, "id": "CVE-2018-20748-f74c34b7" }, { "digest": { "threshold": 0.9, "line_hashes": [ "45502871852806093800306850285498141930", "5594731090021410434929000863804359344", "165171928812884150623479213230779765620", "117547703167341518813102877771863707798" ] }, "signature_type": "Line", "source": "https://github.com/libvnc/libvncserver/commit/a64c3b37af9a6c8f8009d7516874b8d266b42bae", "target": { "file": "libvncclient/rfbproto.c" }, "signature_version": "v1", "deprecated": false, "id": "CVE-2018-20748-fc9c3b95" } ] }