Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2019-15692

Опубликовано: 26 дек. 2019
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 6.5
CVSS3: 7.2

Описание

TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow. Vulnerability could be triggered from CopyRectDecoder due to incorrect value checks. Exploitation of this vulnerability could potentially result into remote code execution. This attack appear to be exploitable via network connectivity.

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
devel

not-affected

1.10.1+dfsg-1
disco

ignored

end of life
eoan

ignored

end of life
esm-apps/bionic

needs-triage

esm-apps/focal

not-affected

1.10.1+dfsg-1
esm-apps/jammy

not-affected

1.10.1+dfsg-1
esm-apps/noble

not-affected

1.10.1+dfsg-1
esm-infra-legacy/trusty

DNE

focal

not-affected

1.10.1+dfsg-1

Показывать по

Ссылки на источники

EPSS

Процентиль: 90%
0.05295
Низкий

6.5 Medium

CVSS2

7.2 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2019-15692

CVSS3: 7.2
redhat
больше 6 лет назад

TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow. Vulnerability could be triggered from CopyRectDecoder due to incorrect value checks. Exploitation of this vulnerability could potentially result into remote code execution. This attack appear to be exploitable via network connectivity.

nvd логотип

CVE-2019-15692

CVSS3: 7.2
nvd
около 6 лет назад

TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow. Vulnerability could be triggered from CopyRectDecoder due to incorrect value checks. Exploitation of this vulnerability could potentially result into remote code execution. This attack appear to be exploitable via network connectivity.

debian логотип

CVE-2019-15692

CVSS3: 7.2
debian
около 6 лет назад

TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow ...

github логотип

GHSA-hc53-6v72-2h55

CVSS3: 7.2
github
больше 3 лет назад

TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow. Vulnerability could be triggered from CopyRectDecoder due to incorrect value checks. Exploitation of this vulnerability could potentially result into remote code execution. This attack appear to be exploitable via network connectivity.

fstec логотип

BDU:2021-01413

CVSS3: 7.2
fstec
около 6 лет назад

Уязвимость декодера CopyRectDecoder программного обеспечения VNC TigerVNC, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании

EPSS

Процентиль: 90%
0.05295
Низкий

6.5 Medium

CVSS2

7.2 High

CVSS3