Bug 203174
Summary: | vncserver PCF handling Integer overflow | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Josh Bressers <bressers> |
Component: | vnc | Assignee: | Adam Tkac <atkac> |
Status: | CLOSED NOTABUG | QA Contact: | David Lawrence <dkl> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 5 | CC: | ovasik, xgl-maint |
Target Milestone: | --- | Keywords: | Reopened |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2006-10-25 09:20:52 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Josh Bressers
2006-08-18 19:27:36 UTC
Scratch that RHEL comment above, but this will need to be fixed in FC6 Affected code is not in the VNC package I've done some thinking about this and I'm removing the Security keyword. There is no way this can be considered a security issue, it's simply a bug. The only way this is exploitable is if a bad font can be included in the vncserver font path. That means that an attacker already has access to the account in question. hmm, this bug is only in versions of vnc to FC-4. FC-5 and up uses different xserver which is not affected... |