CVE-2014-0011 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2014-0011 Interim 1 16 2025-11-05T05:14:09Z current 2021-05-30T13:17:13Z 2025-11-05T05:14:09Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2014-0011 Multiple heap-based buffer overflows in the ZRLE_DECODE function in common/rfb/zrleDecode.h in TigerVNC before 1.3.1, when NDEBUG is enabled, allow remote VNC servers to cause a denial of service (vncviewer crash) and possibly execute arbitrary code via vectors related to screen image rendering. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise Module for Desktop Applications 15 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise Module for Desktop Applications 15 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise Module for Desktop Applications 15 SUSE Linux Enterprise Server 16.0 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise Module for Desktop Applications 15 openSUSE Leap 15.0 openSUSE Tumbleweed libXvnc-devel-1.7.0-2.1 libXvnc-devel-1.8.0-11.23 libXvnc1-1.6.0-12.6 libXvnc1-1.6.0-18.11.1 libXvnc1-1.6.0-18.23.72 libXvnc1-1.6.0-22.7.1 libXvnc1-1.7.0-2.1 libXvnc1-1.8.0-11.23 libXvnc1-1.8.0-lp150.9.1 tigervnc-1.15.0-160000.2.2 tigervnc-1.3.0-17.3 tigervnc-1.4.3-7.2 tigervnc-1.6.0-12.6 tigervnc-1.6.0-18.11.1 tigervnc-1.6.0-18.23.72 tigervnc-1.6.0-22.7.1 tigervnc-1.7.0-2.1 tigervnc-1.8.0-11.23 tigervnc-1.8.0-lp150.9.1 tigervnc-selinux-1.15.0-160000.2.2 xorg-x11-Xvnc-1.3.0-17.3 xorg-x11-Xvnc-1.4.3-7.2 xorg-x11-Xvnc-1.6.0-12.6 xorg-x11-Xvnc-1.6.0-18.11.1 xorg-x11-Xvnc-1.6.0-18.23.72 xorg-x11-Xvnc-1.6.0-22.7.1 xorg-x11-Xvnc-1.7.0-2.1 xorg-x11-Xvnc-1.8.0-11.23 xorg-x11-Xvnc-1.8.0-lp150.9.1 xorg-x11-Xvnc-novnc-1.8.0-11.23 tigervnc-1.3.0-17.3 as a component of SUSE Linux Enterprise Desktop 12 xorg-x11-Xvnc-1.3.0-17.3 as a component of SUSE Linux Enterprise Desktop 12 tigervnc-1.4.3-7.2 as a component of SUSE Linux Enterprise Desktop 12 SP1 xorg-x11-Xvnc-1.4.3-7.2 as a component of SUSE Linux Enterprise Desktop 12 SP1 libXvnc1-1.6.0-12.6 as a component of SUSE Linux Enterprise Desktop 12 SP2 tigervnc-1.6.0-12.6 as a component of SUSE Linux Enterprise Desktop 12 SP2 xorg-x11-Xvnc-1.6.0-12.6 as a component of SUSE Linux Enterprise Desktop 12 SP2 libXvnc1-1.6.0-18.11.1 as a component of SUSE Linux Enterprise Desktop 12 SP3 tigervnc-1.6.0-18.11.1 as a component of SUSE Linux Enterprise Desktop 12 SP3 xorg-x11-Xvnc-1.6.0-18.11.1 as a component of SUSE Linux Enterprise Desktop 12 SP3 libXvnc1-1.6.0-18.23.72 as a component of SUSE Linux Enterprise Desktop 12 SP4 tigervnc-1.6.0-18.23.72 as a component of SUSE Linux Enterprise Desktop 12 SP4 xorg-x11-Xvnc-1.6.0-18.23.72 as a component of SUSE Linux Enterprise Desktop 12 SP4 libXvnc1-1.6.0-22.7.1 as a component of SUSE Linux Enterprise High Performance Computing 12 SP5 tigervnc-1.6.0-22.7.1 as a component of SUSE Linux Enterprise High Performance Computing 12 SP5 xorg-x11-Xvnc-1.6.0-22.7.1 as a component of SUSE Linux Enterprise High Performance Computing 12 SP5 libXvnc1-1.8.0-11.23 as a component of SUSE Linux Enterprise Module for Basesystem 15 tigervnc-1.8.0-11.23 as a component of SUSE Linux Enterprise Module for Basesystem 15 xorg-x11-Xvnc-1.8.0-11.23 as a component of SUSE Linux Enterprise Module for Basesystem 15 xorg-x11-Xvnc-novnc-1.8.0-11.23 as a component of SUSE Linux Enterprise Module for Basesystem 15 libXvnc-devel-1.8.0-11.23 as a component of SUSE Linux Enterprise Module for Desktop Applications 15 tigervnc-1.3.0-17.3 as a component of SUSE Linux Enterprise Server 12 xorg-x11-Xvnc-1.3.0-17.3 as a component of SUSE Linux Enterprise Server 12 tigervnc-1.4.3-7.2 as a component of SUSE Linux Enterprise Server 12 SP1 xorg-x11-Xvnc-1.4.3-7.2 as a component of SUSE Linux Enterprise Server 12 SP1 libXvnc1-1.6.0-12.6 as a component of SUSE Linux Enterprise Server 12 SP2 tigervnc-1.6.0-12.6 as a component of SUSE Linux Enterprise Server 12 SP2 xorg-x11-Xvnc-1.6.0-12.6 as a component of SUSE Linux Enterprise Server 12 SP2 libXvnc1-1.6.0-18.11.1 as a component of SUSE Linux Enterprise Server 12 SP3 tigervnc-1.6.0-18.11.1 as a component of SUSE Linux Enterprise Server 12 SP3 xorg-x11-Xvnc-1.6.0-18.11.1 as a component of SUSE Linux Enterprise Server 12 SP3 libXvnc1-1.6.0-18.23.72 as a component of SUSE Linux Enterprise Server 12 SP4 tigervnc-1.6.0-18.23.72 as a component of SUSE Linux Enterprise Server 12 SP4 xorg-x11-Xvnc-1.6.0-18.23.72 as a component of SUSE Linux Enterprise Server 12 SP4 libXvnc1-1.6.0-22.7.1 as a component of SUSE Linux Enterprise Server 12 SP5 tigervnc-1.6.0-22.7.1 as a component of SUSE Linux Enterprise Server 12 SP5 xorg-x11-Xvnc-1.6.0-22.7.1 as a component of SUSE Linux Enterprise Server 12 SP5 tigervnc-1.15.0-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 tigervnc-selinux-1.15.0-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 libXvnc1-1.6.0-12.6 as a component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 tigervnc-1.6.0-12.6 as a component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 xorg-x11-Xvnc-1.6.0-12.6 as a component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 libXvnc1-1.6.0-22.7.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 tigervnc-1.6.0-22.7.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 xorg-x11-Xvnc-1.6.0-22.7.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 libXvnc1-1.8.0-lp150.9.1 as a component of openSUSE Leap 15.0 tigervnc-1.8.0-lp150.9.1 as a component of openSUSE Leap 15.0 xorg-x11-Xvnc-1.8.0-lp150.9.1 as a component of openSUSE Leap 15.0 libXvnc-devel-1.7.0-2.1 as a component of openSUSE Tumbleweed libXvnc1-1.7.0-2.1 as a component of openSUSE Tumbleweed tigervnc-1.7.0-2.1 as a component of openSUSE Tumbleweed xorg-x11-Xvnc-1.7.0-2.1 as a component of openSUSE Tumbleweed Multiple heap-based buffer overflows in the ZRLE_DECODE function in common/rfb/zrleDecode.h in TigerVNC before 1.3.1, when NDEBUG is enabled, allow remote VNC servers to cause a denial of service (vncviewer crash) and possibly execute arbitrary code via vectors related to screen image rendering. CVE-2014-0011 SUSE Linux Enterprise Desktop 12:tigervnc-1.3.0-17.3 SUSE Linux Enterprise Desktop 12:xorg-x11-Xvnc-1.3.0-17.3 SUSE Linux Enterprise Desktop 12 SP1:tigervnc-1.4.3-7.2 SUSE Linux Enterprise Desktop 12 SP1:xorg-x11-Xvnc-1.4.3-7.2 SUSE Linux Enterprise Desktop 12 SP2:libXvnc1-1.6.0-12.6 SUSE Linux Enterprise Desktop 12 SP2:tigervnc-1.6.0-12.6 SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-Xvnc-1.6.0-12.6 SUSE Linux Enterprise Desktop 12 SP3:libXvnc1-1.6.0-18.11.1 SUSE Linux Enterprise Desktop 12 SP3:tigervnc-1.6.0-18.11.1 SUSE Linux Enterprise Desktop 12 SP3:xorg-x11-Xvnc-1.6.0-18.11.1 SUSE Linux Enterprise Desktop 12 SP4:libXvnc1-1.6.0-18.23.72 SUSE Linux Enterprise Desktop 12 SP4:tigervnc-1.6.0-18.23.72 SUSE Linux Enterprise Desktop 12 SP4:xorg-x11-Xvnc-1.6.0-18.23.72 SUSE Linux Enterprise High Performance Computing 12 SP5:libXvnc1-1.6.0-22.7.1 SUSE Linux Enterprise High Performance Computing 12 SP5:tigervnc-1.6.0-22.7.1 SUSE Linux Enterprise High Performance Computing 12 SP5:xorg-x11-Xvnc-1.6.0-22.7.1 SUSE Linux Enterprise Module for Basesystem 15:libXvnc1-1.8.0-11.23 SUSE Linux Enterprise Module for Basesystem 15:tigervnc-1.8.0-11.23 SUSE Linux Enterprise Module for Basesystem 15:xorg-x11-Xvnc-1.8.0-11.23 SUSE Linux Enterprise Module for Basesystem 15:xorg-x11-Xvnc-novnc-1.8.0-11.23 SUSE Linux Enterprise Module for Desktop Applications 15:libXvnc-devel-1.8.0-11.23 SUSE Linux Enterprise Server 12:tigervnc-1.3.0-17.3 SUSE Linux Enterprise Server 12:xorg-x11-Xvnc-1.3.0-17.3 SUSE Linux Enterprise Server 12 SP1:tigervnc-1.4.3-7.2 SUSE Linux Enterprise Server 12 SP1:xorg-x11-Xvnc-1.4.3-7.2 SUSE Linux Enterprise Server 12 SP2:libXvnc1-1.6.0-12.6 SUSE Linux Enterprise Server 12 SP2:tigervnc-1.6.0-12.6 SUSE Linux Enterprise Server 12 SP2:xorg-x11-Xvnc-1.6.0-12.6 SUSE Linux Enterprise Server 12 SP3:libXvnc1-1.6.0-18.11.1 SUSE Linux Enterprise Server 12 SP3:tigervnc-1.6.0-18.11.1 SUSE Linux Enterprise Server 12 SP3:xorg-x11-Xvnc-1.6.0-18.11.1 SUSE Linux Enterprise Server 12 SP4:libXvnc1-1.6.0-18.23.72 SUSE Linux Enterprise Server 12 SP4:tigervnc-1.6.0-18.23.72 SUSE Linux Enterprise Server 12 SP4:xorg-x11-Xvnc-1.6.0-18.23.72 SUSE Linux Enterprise Server 12 SP5:libXvnc1-1.6.0-22.7.1 SUSE Linux Enterprise Server 12 SP5:tigervnc-1.6.0-22.7.1 SUSE Linux Enterprise Server 12 SP5:xorg-x11-Xvnc-1.6.0-22.7.1 SUSE Linux Enterprise Server 16.0:tigervnc-1.15.0-160000.2.2 SUSE Linux Enterprise Server 16.0:tigervnc-selinux-1.15.0-160000.2.2 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libXvnc1-1.6.0-12.6 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tigervnc-1.6.0-12.6 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-Xvnc-1.6.0-12.6 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libXvnc1-1.6.0-22.7.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:tigervnc-1.6.0-22.7.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:xorg-x11-Xvnc-1.6.0-22.7.1 openSUSE Leap 15.0:libXvnc1-1.8.0-lp150.9.1 openSUSE Leap 15.0:tigervnc-1.8.0-lp150.9.1 openSUSE Leap 15.0:xorg-x11-Xvnc-1.8.0-lp150.9.1 openSUSE Tumbleweed:libXvnc-devel-1.7.0-2.1 openSUSE Tumbleweed:libXvnc1-1.7.0-2.1 openSUSE Tumbleweed:tigervnc-1.7.0-2.1 openSUSE Tumbleweed:xorg-x11-Xvnc-1.7.0-2.1 critical 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H