CVE-2019-15681

Published: Oct 29, 2019Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

LibVNC commit before d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a contains a memory leak (CWE-655) in VNC server code, which allow an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory and bypass ASLR. This attack appear to be exploitable via network connectivity. These vulnerabilities have been fixed in commit d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a.

Affected (14)

Products: Libvnc Project: Libvncserver · Canonical: Ubuntu Linux · Debian: Debian Linux · +1 more

Show all products

Libvnc Project: Libvncserver · Canonical: Ubuntu Linux · Debian: Debian Linux · Siemens: Simatic Itc1500 Firmware, Simatic Itc1500 Pro Firmware, Simatic Itc1900 Firmware, Simatic Itc1900 Pro Firmware, Simatic Itc2200 Firmware, Simatic Itc2200 Pro Firmware

1 product

1 product

1 product

6 products

Simatic Itc1500 Firmware

Simatic Itc1500 Pro Firmware

Simatic Itc1900 Firmware

Simatic Itc1900 Pro Firmware

Simatic Itc2200 Firmware

Simatic Itc2200 Pro Firmware

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Libvnc Project Libvncserver	Before 0.9.12

Configuration B

5 vulnerable

Vulnerable Software	Affected Versions
Canonical Ubuntu Linux	Version 14.04
Canonical Ubuntu Linux	Version 16.04
Canonical Ubuntu Linux	Version 16.04
Canonical Ubuntu Linux	Version 18.04
Canonical Ubuntu Linux	Version 18.10

Configuration C

2 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 8.0
Debian Debian Linux	Version 9.0

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Itc1500 Firmware	From 3.0.0.0 to 3.2.1.0

Running on/with	Platform Versions
Siemens Simatic Itc1500	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Itc1500 Pro Firmware	From 3.0.0.0 to 3.2.1.0

Running on/with	Platform Versions
Siemens Simatic Itc1500 Pro	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Itc1900 Firmware	From 3.0.0.0 to 3.2.1.0

Running on/with	Platform Versions
Siemens Simatic Itc1900	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Itc1900 Pro Firmware	From 3.0.0.0 to 3.2.1.0

Running on/with	Platform Versions
Siemens Simatic Itc1900 Pro	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Itc2200 Firmware	From 3.0.0.0 to 3.2.1.0

Running on/with	Platform Versions
Siemens Simatic Itc2200	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Itc2200 Pro Firmware	From 3.0.0.0 to 3.2.1.0

Running on/with	Platform Versions
Siemens Simatic Itc2200 Pro	All versions

Related CWEs

Improper Initialization

The product does not initialize or incorrectly initializes a resource, which might leave the resource in an unexpected state when it is accessed or used.

References (24)

http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00027.html

Source: vulnerability@kaspersky.com

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00073.html

Source: vulnerability@kaspersky.com

Mailing ListThird Party Advisory

https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf

Source: vulnerability@kaspersky.com

Third Party Advisory

https://github.com/LibVNC/libvncserver/commit/d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a

Source: vulnerability@kaspersky.com

PatchThird Party Advisory

https://lists.debian.org/debian-lts-announce/2019/10/msg00039.html

Source: vulnerability@kaspersky.com

Mailing ListThird Party Advisory

https://lists.debian.org/debian-lts-announce/2019/10/msg00042.html

Source: vulnerability@kaspersky.com

Mailing ListThird Party Advisory

https://lists.debian.org/debian-lts-announce/2019/11/msg00032.html

Source: vulnerability@kaspersky.com

Mailing ListThird Party Advisory

https://lists.debian.org/debian-lts-announce/2019/12/msg00028.html

Source: vulnerability@kaspersky.com

Mailing ListThird Party Advisory

https://usn.ubuntu.com/4407-1/

Source: vulnerability@kaspersky.com

Third Party Advisory

https://usn.ubuntu.com/4547-1/

Source: vulnerability@kaspersky.com

Third Party Advisory

https://usn.ubuntu.com/4573-1/

Source: vulnerability@kaspersky.com

Third Party Advisory

https://usn.ubuntu.com/4587-1/

Source: vulnerability@kaspersky.com

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00027.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00073.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://github.com/LibVNC/libvncserver/commit/d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a

Source: af854a3a-2127-422b-91ae-364da2661108

PatchThird Party Advisory

https://lists.debian.org/debian-lts-announce/2019/10/msg00039.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

https://lists.debian.org/debian-lts-announce/2019/10/msg00042.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

https://lists.debian.org/debian-lts-announce/2019/11/msg00032.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

https://lists.debian.org/debian-lts-announce/2019/12/msg00028.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

https://usn.ubuntu.com/4407-1/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://usn.ubuntu.com/4547-1/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://usn.ubuntu.com/4573-1/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://usn.ubuntu.com/4587-1/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.