VNC Viewer Vulnerability CVE-2008-4770
Adam Tkac
atkac "at" redhat.com
Wed Nov 26 15:28:01 2008
On Wed, Nov 26, 2008 at 01:25:30PM -0000, jnw "at" realvnc.com wrote:
> A vulnerability has been reported in a core VNC Viewer component's
> validation of server-supplied RFB protocol data. This issue only affects the
> VNC Viewer component, VNC Servers are not affected.
>
> VNC Free Edition Viewer users should upgrade to version 4.1.3, and providers
> of software based on the VNC Free Edition open-source codebase should patch
> it to version 4.1.3.
>
> For more information please visit
> http://www.realvnc.com/products/upgrade.html
>
> Regards,
>
> The RealVNC Team
Are you sure that patch is security related? I don't see any security
implication.
Adam
--
Adam Tkac, Red Hat, Inc.