Oval Definition:	oval:com.ubuntu.xenial:def:201872250000000
Revision Date: 2018-02-19 Version: 1 Title: CVE-2018-7225 on Ubuntu 16.04 LTS (xenial) - medium. Description: An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClientNormalMessage() in rfbserver.c does not sanitize msg.cct.length, leading to access to uninitialized and potentially sensitive data or possibly unspecified other impact (e.g., an integer overflow) via specially crafted VNC packets. Family: unix Class: vulnerability Status: Reference(s): CVE-2018-7225 Platform(s): Ubuntu 16.04 LTS Product(s): Definition Synopsis Ubuntu 16.04 LTS (xenial) is installed. AND libvncserver package in xenial was vulnerable but has been fixed (note: '0.9.10+dfsg-3ubuntu0.16.04.2').
BACK