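LibVNC before 0.9.12 contains a heap out-of-bounds write vulnerability in libvncserver/rfbserver.c. The issue remains because the earlier fix for CVE-2018-15127 was incomplete; it is tracked here as CVE-2018-20749, and the function-level signature below targets rfbProcessFileTransferReadBuffer in that file.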
{ "vanir_signatures": [ { "digest": { "function_hash": "234177214934907037875738780921470065452", "length": 454.0 }, "id": "CVE-2018-20749-4c18c318", "source": "https://github.com/libvnc/libvncserver/commit/15bb719c03cc70f14c36a843dcb16ed69b405707", "signature_type": "Function", "signature_version": "v1", "target": { "file": "libvncserver/rfbserver.c", "function": "rfbProcessFileTransferReadBuffer" }, "deprecated": false }, { "digest": { "threshold": 0.9, "line_hashes": [ "22851802012259854316485533793617137710", "230566275438621502239892882294239741695", "186941204740703548939696912753573588602", "237296104120107525451306638457085077081", "133303737905769428184424510389654335174", "318158163168389883515459339977924360928" ] }, "id": "CVE-2018-20749-ed4b1209", "source": "https://github.com/libvnc/libvncserver/commit/15bb719c03cc70f14c36a843dcb16ed69b405707", "signature_type": "Line", "signature_version": "v1", "target": { "file": "libvncserver/rfbserver.c" }, "deprecated": false } ] }