FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  537150
Date:      2020-05-31
Time:      10:53:12Z
Committer: adamw

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
be5421ab-1b56-11e4-a767-5453ed2e2b49krfb -- Possible Denial of Service or code execution via integer overflow

Albert Aastals Cid reports:

krfb embeds libvncserver which embeds liblzo2, it contains various flaws that result in integer overflow problems.

This potentially allows a malicious application to create a possible denial of service or code execution. Due to the need to exploit precise details of the target architecture and threading it is unlikely that remote code execution can be achieved in practice.


Discovery 2014-08-03
Entry 2014-08-03
krfb
lt 4.12.5_1

CVE-2014-4607
http://lists.kde.org/?l=kde-announce&m=140709940701878&w=2
fb25333d-442f-11e4-98f3-5453ed2e2b49krfb -- Multiple security issues in bundled libvncserver

Martin Sandsmark reports:

krfb 4.14 [and earlier] embeds libvncserver which has had several security issues.

Several remotely exploitable security issues have been uncovered in libvncserver, some of which might allow a remote authenticated user code execution or application crashes.


Discovery 2014-09-23
Entry 2014-09-25
krfb
lt 4.12.5_4

CVE-2014-6055
http://lists.kde.org/?l=kde-announce&m=141153917319769&w=2