6 results (0.012 seconds)

CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1

TightVNC before v2.8.75 allows attackers to escalate privileges on the host operating system via replacing legitimate files with crafted files when executing a file transfer. This is due to the fact that TightVNC runs in the backend as a high-privileges account. • https://medium.com/nestedif/vulnerability-disclosure-privilege-escalation-tightvnc-8165208cce https://www.tightvnc.com/news.php https://www.tightvnc.com/whatsnew.php • CWE-269: Improper Privilege Management •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

Buffer Overflow vulnerability in tvnviewer.exe of TightVNC Viewer allows a remote attacker to execute arbitrary instructions via a crafted FramebufferUpdate packet from a VNC server. Una vulnerabilidad de desbordamiento del búfer en el archivo tvnviewer.exe de TightVNC Viewer permite a un atacante remoto ejecutar instrucciones arbitrarias por medio de un paquete FramebufferUpdate diseñado desde un servidor VNC • https://www.tightvnc.com/whatsnew.php • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 5.0EPSS: 0%CPEs: 11EXPL: 0

The vncserver wrapper for vnc before 3.3.3r2-21 uses the rand() function instead of srand(), which causes vncserver to generate weak cookies. • http://changelogs.credativ.org/debian/pool/main/v/vnc/vnc_3.3.6-3/changelog http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000640 http://security.gentoo.org/glsa/glsa-200302-15.xml http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/56161 http://www.iss.net/security_center/static/11384.php http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:022 http://www.redhat.com/support/errata/RHSA-2003-041.html http://www.redhat.com/support/errata/RHSA •

CVSS: 2.1EPSS: 0%CPEs: 4EXPL: 0

TightVNC before 1.2.4 running on Windows stores unencrypted passwords in the password text control of the WinVNC Properties dialog, which could allow local users to access passwords. • http://www.securityfocus.com/bid/4835 http://www.tightvnc.com/changelog-win32.html •

CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0

TightVNC before 1.2.6 generates the same challenge string for multiple connections, which allows remote attackers to bypass VNC authentication by sniffing the challenge and response of other users. TightVNC anterior a 1.2.6 genera la misma cadena de desafío a múltiples conexiones, lo que permite a atacantes remotos evitar la autenticación VNC espiando el desafio y la respuesta de otros usuarios. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000640 http://marc.info/?l=bugtraq&m=102753170201524&w=2 http://marc.info/?l=bugtraq&m=102769183913594&w=2 http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:022 http://www.redhat.com/support/errata/RHSA-2002-287.html http://www.redhat.com/support/errata/RHSA-2003-041.html http://www.securityfocus.com/bid/5296 http://www.tightvnc.com/WhatsNew.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/5992 •