E19-0nur1
CVSS:
8.1 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
False Positive:
f
Variants:
1
Year:
2018
Description
This strike exploits a heap use-after-free vulnerability in libVNC LibVNCServer.
The vulnerability is due to improper validation of the file transfer request size by the File Transfer extension.
Successful exploitation may result in remote code execution on the target server.