CVE-2008-4770

Impact:
Moderate
Public Date:
2008-11-26
Bugzilla:
480590: CVE-2008-4770 vnc: vncviewer insufficient encoding value validation in CMsgReader::readRect

The MITRE CVE dictionary describes this issue as:

The CMsgReader::readRect function in the VNC Viewer component in RealVNC VNC Free Edition 4.0 through 4.1.2, Enterprise Edition E4.0 through E4.4.2, and Personal Edition P4.0 through P4.4.2 allows remote VNC servers to execute arbitrary code via crafted RFB protocol data, related to "encoding type."

Find out more about CVE-2008-4770 from the MITRE CVE dictionary dictionary and NIST NVD.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 4 (vnc) RHSA-2009:0261 2009-02-11
Red Hat Enterprise Linux 3 (vnc) RHSA-2009:0261 2009-02-11
Red Hat Enterprise Linux 5 (vnc) RHSA-2009:0261 2009-02-11

Last Modified

CVE description copyright © 2017, The MITRE Corporation

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.