FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  536950
Date:      2020-05-29
Time:      06:51:37Z
Committer: tagattie

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
fb25333d-442f-11e4-98f3-5453ed2e2b49krfb -- Multiple security issues in bundled libvncserver

Martin Sandsmark reports:

krfb 4.14 [and earlier] embeds libvncserver which has had several security issues.

Several remotely exploitable security issues have been uncovered in libvncserver, some of which might allow a remote authenticated user code execution or application crashes.


Discovery 2014-09-23
Entry 2014-09-25
krfb
lt 4.12.5_4

CVE-2014-6055
http://lists.kde.org/?l=kde-announce&m=141153917319769&w=2
be5421ab-1b56-11e4-a767-5453ed2e2b49krfb -- Possible Denial of Service or code execution via integer overflow

Albert Aastals Cid reports:

krfb embeds libvncserver which embeds liblzo2, it contains various flaws that result in integer overflow problems.

This potentially allows a malicious application to create a possible denial of service or code execution. Due to the need to exploit precise details of the target architecture and threading it is unlikely that remote code execution can be achieved in practice.


Discovery 2014-08-03
Entry 2014-08-03
krfb
lt 4.12.5_1

CVE-2014-4607
http://lists.kde.org/?l=kde-announce&m=140709940701878&w=2