Описание
TightVNC code version 1.3.10 contains global buffer overflow in HandleCoRREBBP macro function, which can potentially result code execution. This attack appear to be exploitable via network connectivity.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| tightvnc | fixed | 1:1.3.9-9.1 | package | |
| tightvnc | fixed | 1:1.3.9-9deb10u1 | buster | package |
| tightvnc | fixed | 1:1.3.9-9+deb9u1 | stretch | package |
Примечания
https://www.openwall.com/lists/oss-security/2018/12/10/5
same as CVE-2018-20020/libvncserver
EPSS
Связанные уязвимости
TightVNC code version 1.3.10 contains global buffer overflow in HandleCoRREBBP macro function, which can potentially result code execution. This attack appear to be exploitable via network connectivity.
TightVNC code version 1.3.10 contains global buffer overflow in HandleCoRREBBP macro function, which can potentially result code execution. This attack appear to be exploitable via network connectivity.
TightVNC code version 1.3.10 contains global buffer overflow in HandleCoRREBBP macro function, which can potentially result code execution. This attack appear to be exploitable via network connectivity.
Уязвимость компонентов системы удалённого доступа к рабочему столу компьютера TightVNC, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
EPSS