CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 1CVE-2019-15695 – tigervnc: Stack buffer overflow in CMsgReader::readSetCursor
https://notcve.org/view.php?id=CVE-2019-15695
TigerVNC version prior to 1.10.1 is vulnerable to stack buffer overflow, which could be triggered from CMsgReader::readSetCursor. This vulnerability occurs due to insufficient sanitization of PixelFormat. Since remote attacker can choose offset from start of the buffer to start writing his values, exploitation of this vulnerability could potentially result into remote code execution. This attack appear to be exploitable via network connectivity. TigerVNC versión anterior a 1.10.1, es vulnerable al desbordamiento de búfer de pila, que podría ser activada desde la función CMsgReader::readSetCursor. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00039.html https://github.com/CendioOssman/tigervnc/commit/05e28490873a861379c943bf616614b78b558b89 https://github.com/TigerVNC/tigervnc/releases/tag/v1.10.1 https://www.openwall.com/lists/oss-security/2019/12/20/2 https://access.redhat.com/security/cve/CVE-2019-15695 https://bugzilla.redhat.com/show_bug.cgi?id=1790318 • CWE-121: Stack-based Buffer Overflow CWE-754: Improper Check for Unusual or Exceptional Conditions CWE-787: Out-of-bounds Write •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 2CVE-2019-15694 – tigervnc: Heap buffer overflow in DecodeManager::decodeRect
https://notcve.org/view.php?id=CVE-2019-15694
TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow, which could be triggered from DecodeManager::decodeRect. Vulnerability occurs due to the signdness error in processing MemOutStream. Exploitation of this vulnerability could potentially result into remote code execution. This attack appear to be exploitable via network connectivity. TigerVNC versiones anteriores a 1.10.1, es vulnerable al desbordamiento de búfer de la pila, que podría ser activada desde la función DecodeManager::decodeRect. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00039.html https://github.com/CendioOssman/tigervnc/commit/0943c006c7d900dfc0281639e992791d6c567438 https://github.com/TigerVNC/tigervnc/releases/tag/v1.10.1 https://www.openwall.com/lists/oss-security/2019/12/20/2 https://access.redhat.com/security/cve/CVE-2019-15694 https://bugzilla.redhat.com/show_bug.cgi?id=1790315 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2019-15693 – tigervnc: Heap buffer overflow in TightDecoder::FilterGradient
https://notcve.org/view.php?id=CVE-2019-15693
TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow, which occurs in TightDecoder::FilterGradient. Exploitation of this vulnerability could potentially result into remote code execution. This attack appear to be exploitable via network connectivity. TigerVNC versiones anteriores a 1.10.1, es vulnerable al desbordamiento de búfer de la pila, que se presenta en la función TightDecoder::FilterGradient. La explotación de esta vulnerabilidad podría resultar potencialmente en una ejecución de código remota. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00039.html https://github.com/CendioOssman/tigervnc/commit/b4ada8d0c6dac98c8b91fc64d112569a8ae5fb95 https://github.com/TigerVNC/tigervnc/releases/tag/v1.10.1 https://www.openwall.com/lists/oss-security/2019/12/20/2 https://access.redhat.com/security/cve/CVE-2019-15693 https://bugzilla.redhat.com/show_bug.cgi?id=1790313 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 1CVE-2019-15692 – tigervnc: Heap buffer overflow triggered from CopyRectDecoder due to incorrect value checks
https://notcve.org/view.php?id=CVE-2019-15692
TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow. Vulnerability could be triggered from CopyRectDecoder due to incorrect value checks. Exploitation of this vulnerability could potentially result into remote code execution. This attack appear to be exploitable via network connectivity. TigerVNC versiones anteriores a 1.10.1, es vulnerable al desbordamiento de búfer de la pila. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00039.html https://github.com/CendioOssman/tigervnc/commit/996356b6c65ca165ee1ea46a571c32a1dc3c3821 https://github.com/TigerVNC/tigervnc/releases/tag/v1.10.1 https://www.openwall.com/lists/oss-security/2019/12/20/2 https://access.redhat.com/security/cve/CVE-2019-15692 https://bugzilla.redhat.com/show_bug.cgi?id=1789527 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 1CVE-2019-15691 – tigervnc: Stack use-after-return due to incorrect usage of stack memory in ZRLEDecoder
https://notcve.org/view.php?id=CVE-2019-15691
TigerVNC version prior to 1.10.1 is vulnerable to stack use-after-return, which occurs due to incorrect usage of stack memory in ZRLEDecoder. If decoding routine would throw an exception, ZRLEDecoder may try to access stack variable, which has been already freed during the process of stack unwinding. Exploitation of this vulnerability could potentially result into remote code execution. This attack appear to be exploitable via network connectivity. TigerVNC versiones anteriores a 1.10.1, es vulnerable al uso de la pila previo al retorno, que se presenta debido a un uso incorrecto de la memoria de pila en ZRLEDecoder. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00039.html https://github.com/CendioOssman/tigervnc/commit/d61a767d6842b530ffb532ddd5a3d233119aad40 https://github.com/TigerVNC/tigervnc/releases/tag/v1.10.1 https://www.openwall.com/lists/oss-security/2019/12/20/2 https://access.redhat.com/security/cve/CVE-2019-15691 https://bugzilla.redhat.com/show_bug.cgi?id=1789908 • CWE-672: Operation on a Resource after Expiration or Release CWE-825: Expired Pointer Dereference •