Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2019-15694

Опубликовано: 20 дек. 2019
Источник: redhat
CVSS3: 7.2
EPSS Низкий

Описание

TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow, which could be triggered from DecodeManager::decodeRect. Vulnerability occurs due to the signdness error in processing MemOutStream. Exploitation of this vulnerability could potentially result into remote code execution. This attack appear to be exploitable via network connectivity.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6tigervncOut of support scope
Red Hat Enterprise Linux 7tigervncFixedRHSA-2020:387529.09.2020
Red Hat Enterprise Linux 8tigervncFixedRHSA-2020:149716.04.2020

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-122
https://bugzilla.redhat.com/show_bug.cgi?id=1790315tigervnc: Heap buffer overflow in DecodeManager::decodeRect

EPSS

Процентиль: 91%
0.06309
Низкий

7.2 High

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2019-15694

CVSS3: 7.2
ubuntu
около 6 лет назад

TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow, which could be triggered from DecodeManager::decodeRect. Vulnerability occurs due to the signdness error in processing MemOutStream. Exploitation of this vulnerability could potentially result into remote code execution. This attack appear to be exploitable via network connectivity.

nvd логотип

CVE-2019-15694

CVSS3: 7.2
nvd
около 6 лет назад

TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow, which could be triggered from DecodeManager::decodeRect. Vulnerability occurs due to the signdness error in processing MemOutStream. Exploitation of this vulnerability could potentially result into remote code execution. This attack appear to be exploitable via network connectivity.

debian логотип

CVE-2019-15694

CVSS3: 7.2
debian
около 6 лет назад

TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow ...

github логотип

GHSA-mm3v-7wx3-vx47

github
больше 3 лет назад

TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow, which could be triggered from DecodeManager::decodeRect. Vulnerability occurs due to the signdness error in processing MemOutStream. Exploitation of this vulnerability could potentially result into remote code execution. This attack appear to be exploitable via network connectivity.

fstec логотип

BDU:2021-01412

CVSS3: 7.2
fstec
около 6 лет назад

Уязвимость функции DecodeManager::decodeRect программного обеспечения VNC TigerVNC, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании

EPSS

Процентиль: 91%
0.06309
Низкий

7.2 High

CVSS3