Candidate: CVE-2017-1000044
PublicDate: 2017-07-17 13:18:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000044
Description:
 gtk-vnc 0.4.2 and older doesn't check framebuffer boundaries correctly when
 updating framebuffer which may lead to memory corruption when rendering
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H [9.8 CRITICAL]

Patches_gtk-vnc:
 upstream: https://git.gnome.org/browse/gtk-vnc/commit/?id=f3fc5e57a78d4be9872f1394f697b9929873a737
upstream_gtk-vnc: released (0.4.3-1)
precise/esm_gtk-vnc: DNE
trusty_gtk-vnc: not-affected (0.5.3-0ubuntu2.1)
trusty/esm_gtk-vnc: DNE (trusty was not-affected [0.5.3-0ubuntu2.1])
vivid/stable-phone-overlay_gtk-vnc: DNE
vivid/ubuntu-core_gtk-vnc: DNE
xenial_gtk-vnc: not-affected
yakkety_gtk-vnc: not-affected
zesty_gtk-vnc: not-affected
devel_gtk-vnc: not-affected (0.6.0-3)