Improper Initialization Vulnerability in LibVNC Affected by Multiple Versions
CVE-2018-20022
7.5HIGH
What is CVE-2018-20022?
LibVNC prior to a specific commit is vulnerable to improper initialization, allowing attackers to potentially read stack memory. This flaw can lead to information disclosure and may be exploited in conjunction with other vulnerabilities to bypass Address Space Layout Randomization (ASLR), exposing a deeper stack memory layout that can be leveraged for further attacks.
Affected Version(s)
LibVNC commit 2f5b2ad1c6c99b1ac6482c95844a84d66bb52838
