A divide by zero issue was found to occur in libvncserver-0.9.12. A malicious client could use this flaw to send a specially crafted message that, when processed by the VNC server, would lead to a floating point exception, resulting in a denial of service.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25708
Reference(s):
- https://bugzilla.redhat.com/show_bug.cgi?id=1896739