LibVNC before commit ca2a5ac02fbbadd0a21fabba779c1ea69173d10b contains heap use-after-free vulnerability in server code of file transfer extension that can result remote code execution.Referenceshttps://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-026-libvnc-heap-use-after-free/https://www.debian.org/security/2019/dsa-4383https://lists.debian.org/debian-lts-announce/2018/12/msg00017.htmlhttps://usn.ubuntu.com/3877-1/https://lists.debian.org/debian-lts-announce/2019/10/msg00042.html
