CVE-2016-10207

Опубликовано: 28 фев. 2017

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

The Xvnc server in TigerVNC allows remote attackers to cause a denial of service (invalid memory access and crash) by terminating a TLS handshake early.

Ссылки

http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00020.html
Patch
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2017-0630.html
Third Party Advisory
http://www.openwall.com/lists/oss-security/2017/02/02/22
Mailing List
Third Party Advisory
http://www.openwall.com/lists/oss-security/2017/02/05/2
Exploit
Mailing List
Third Party Advisory
http://www.securityfocus.com/bid/96012
Third Party Advisory
VDB Entry
https://access.redhat.com/errata/RHSA-2017:2000
Third Party Advisory
https://bugzilla.suse.com/show_bug.cgi?id=1023012
Exploit
Issue Tracking
Third Party Advisory
VDB Entry
https://github.com/TigerVNC/tigervnc/commit/8aa4bc53206c2430bbf0c8f4b642f59a379ee649
Patch
https://security.gentoo.org/glsa/201801-13
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00020.html
Patch
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2017-0630.html
Third Party Advisory
http://www.openwall.com/lists/oss-security/2017/02/02/22
Mailing List
Third Party Advisory
http://www.openwall.com/lists/oss-security/2017/02/05/2
Exploit
Mailing List
Third Party Advisory
http://www.securityfocus.com/bid/96012
Third Party Advisory
VDB Entry
https://access.redhat.com/errata/RHSA-2017:2000
Third Party Advisory
https://bugzilla.suse.com/show_bug.cgi?id=1023012
Exploit
Issue Tracking
Third Party Advisory
VDB Entry
https://github.com/TigerVNC/tigervnc/commit/8aa4bc53206c2430bbf0c8f4b642f59a379ee649
Patch
https://security.gentoo.org/glsa/201801-13
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*

cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*

Конфигурация 2

Одно из

cpe:2.3:a:tigervnc:tigervnc:0.0.90:*:*:*:*:*:*:*

cpe:2.3:a:tigervnc:tigervnc:0.0.91:*:*:*:*:*:*:*

cpe:2.3:a:tigervnc:tigervnc:1.0:*:*:*:*:*:*:*

cpe:2.3:a:tigervnc:tigervnc:1.0.1:*:*:*:*:*:*:*

cpe:2.3:a:tigervnc:tigervnc:1.1.0:*:*:*:*:*:*:*

cpe:2.3:a:tigervnc:tigervnc:1.3:*:*:*:*:*:*:*

cpe:2.3:a:tigervnc:tigervnc:1.3.1:*:*:*:*:*:*:*

cpe:2.3:a:tigervnc:tigervnc:1.7:*:*:*:*:*:*:*

EPSS

Процентиль: 82%

0.01689

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-119

Связанные уязвимости

CVE-2016-10207

CVSS3: 7.5

ubuntu

больше 8 лет назад

The Xvnc server in TigerVNC allows remote attackers to cause a denial of service (invalid memory access and crash) by terminating a TLS handshake early.

CVE-2016-10207

CVSS3: 7.5

redhat

около 9 лет назад

The Xvnc server in TigerVNC allows remote attackers to cause a denial of service (invalid memory access and crash) by terminating a TLS handshake early.

CVE-2016-10207

CVSS3: 7.5

debian

больше 8 лет назад

The Xvnc server in TigerVNC allows remote attackers to cause a denial ...

openSUSE-SU-2017:0444-1

suse-cvrf

больше 8 лет назад

Security update for tigervnc

GHSA-xv2c-qf7g-w8gj

CVSS3: 7.5

github

больше 3 лет назад

The Xvnc server in TigerVNC allows remote attackers to cause a denial of service (invalid memory access and crash) by terminating a TLS handshake early.

EPSS

Процентиль: 82%

0.01689

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-119