LibVNC contained heap out-of-bound write vulnerability inside
structure in VNC client code that can result remote code execution
LibVNC contained a CWE-835: Infinite loop vulnerability in VNC client
code. Vulnerability allows attacker to consume excessive amount of
resources like CPU and RAM
LibVNC contained multiple weaknesses CWE-665: Improper Initialization
vulnerability in VNC client code that allowed attackers to read stack
memory and could be abused for information disclosure. Combined with
another vulnerability, it could be used to leak stack memory layout
and in bypassing ASLR.
LibVNC contained null pointer dereference in VNC client code that
could result DoS.