Bug 255225 (CVE-2008-4770)

Summary:	net-misc/vnc >4.0 <4.1.2 CMsgReader::readRect arbitrary code execution (CVE-2008-4770)
Product:	Gentoo Security	Reporter:	Stefan Behte (RETIRED) <craig>
Component:	Vulnerabilities	Assignee:	Gentoo Security <security>
Status:	RESOLVED FIXED
Severity:	normal	CC:	armin76
Priority:	High
Version:	unspecified
Hardware:	All
OS:	Linux
URL:	http://www.securityfocus.com/bid/33263/info
Whiteboard:	B2 [glsa]
Package list:		Runtime testing required:	---

Description Stefan Behte (RETIRED) gentoo-dev

2009-01-17 00:21:55 UTC

CVE-2008-4770 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4770):
  The CMsgReader::readRect function in the VNC Viewer component in
  RealVNC VNC Free Edition 4.0 through 4.1.2, Enterprise Edition E4.0
  through E4.4.2, and Personal Edition P4.0 through P4.4.2 allows
  remote VNC servers to execute arbitrary code via crafted RFB protocol
  data, related to "encoding type."

Comment 1 Raúl Porcel (RETIRED) gentoo-dev

2009-01-17 14:13:49 UTC

I think i had a look when 4.1.3 got out and i only saw changes on windows files, but i could be wrong, i'll have a look again.

Comment 2 Raúl Porcel (RETIRED) gentoo-dev

2009-01-17 15:56:21 UTC

Okay, i saw the change, is not windows-only.

Arches, please stabilize:
=net-misc/vnc-4.1.3
Arches: alpha amd64 hppa ia64 ppc ppc64 sh sparc x86

Comment 3 Tobias Scherbaum (RETIRED) gentoo-dev

2009-01-18 11:18:06 UTC

ppc stable

Comment 4 Markus Meier gentoo-dev

2009-01-18 13:57:28 UTC

amd64/x86 stable

Comment 5 Tobias Klausmann (RETIRED) gentoo-dev

2009-01-18 16:10:09 UTC

Stable on alpha.

Comment 6 Raúl Porcel (RETIRED) gentoo-dev

2009-01-19 10:23:41 UTC

ia64/sh/sparc stable

Comment 7 Jeroen Roovers (RETIRED) gentoo-dev

2009-01-19 12:37:26 UTC

Stable for HPPA.

Comment 8 Brent Baude (RETIRED) gentoo-dev

2009-01-19 16:25:53 UTC

ppc64 done

Comment 9 Tobias Heinlein (RETIRED) gentoo-dev

2009-01-28 00:29:35 UTC

GLSA request filed.

Comment 10 Robert Buchholz (RETIRED) gentoo-dev

2009-03-09 13:58:35 UTC

GLSA 200903-17