An issue was discovered in LibVNCServer before 0.9.13. libvncserver/scale.c has a pixel_value integer overflow.
[ { "id": "CVE-2020-14401-b9e34590", "signature_type": "Line", "target": { "file": "libvncserver/scale.c" }, "signature_version": "v1", "source": "https://github.com/libvnc/libvncserver/commit/a6788d1da719ae006605b78d22f5a9f170b423af", "digest": { "threshold": 0.9, "line_hashes": [ "248208949429347463031521643800921156886", "267256123706877668341539977664866338222", "69871433148263572302381190377581994547", "163000897568946296525180340287495104796" ] }, "deprecated": false }, { "id": "CVE-2020-14401-f7899987", "signature_type": "Function", "target": { "function": "rfbScaledScreenUpdateRect", "file": "libvncserver/scale.c" }, "signature_version": "v1", "source": "https://github.com/libvnc/libvncserver/commit/a6788d1da719ae006605b78d22f5a9f170b423af", "digest": { "function_hash": "285897253734337289413665599072403539224", "length": 3173.0 }, "deprecated": false } ]