
CVE-2017-7394 – tigervnc: Server crash via long usernames
https://notcve.org/view.php?id=CVE-2017-7394
01 Apr 2017 — In TigerVNC 1.7.1 (SSecurityPlain.cxx SSecurityPlain::processMsg), unauthenticated users can crash the server by sending long usernames. A missing input sanitization flaw was found in the way TigerVNC handled credentials. A remote unauthenticated attacker could use this flaw to make Xvnc crash by sending specially crafted usernames, resulting in denial o... • http://www.securityfocus.com/bid/97305 • CWE-20: Improper Input Validation • CWE-190: Integer Overflow or Wraparound •

CVE-2017-7395 – tigervnc: Integer overflow in SMsgReader::readClientCutText
https://notcve.org/view.php?id=CVE-2017-7395
01 Apr 2017 — In TigerVNC 1.7.1 (SMsgReader.cxx SMsgReader::readClientCutText), by causing an integer overflow, an authenticated client can crash the server. An integer overflow flaw was found in the way TigerVNC handled ClientCutText messages. A remote, authenticated attacker could use this flaw to make Xvnc crash by sending specially crafted ClientCutText messages,... • http://www.securityfocus.com/bid/97305 • CWE-190: Integer Overflow or Wraparound •

CVE-2017-7396 – tigervnc: SecurityServer and ClientServer memory leaks
https://notcve.org/view.php?id=CVE-2017-7396
01 Apr 2017 — In TigerVNC 1.7.1 (CConnection.cxx CConnection::CConnection), an unauthenticated client can cause a small memory leak in the server. A memory leak flaw was found in the way TigerVNC handled client connections. A remote unauthenticated attacker could repeatedly send connection requests to the Xvnc server, causing it to consume large amounts of memory resource... • http://www.securityfocus.com/bid/97305 • CWE-772: Missing Release of Resource after Effective Lifetime •

CVE-2016-10207 – tigervnc: VNC server can crash when TLS handshake terminates early
https://notcve.org/view.php?id=CVE-2016-10207
28 Feb 2017 — The Xvnc server in TigerVNC allows remote attackers to cause a denial of service (invalid memory access and crash) by terminating a TLS handshake early. A denial of service flaw was found in TigerVNC's Xvnc server. A remote unauthenticated attacker could use this flaw to make Xvnc crash by terminating the TLS handshake process earl... • http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00020.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVE-2017-5581 – tigervnc: Buffer overflow in ModifiablePixelBuffer::fillRect
https://notcve.org/view.php?id=CVE-2017-5581
21 Feb 2017 — Buffer overflow in the ModifiablePixelBuffer::fillRect function in TigerVNC before 1.7.1 allows remote servers to execute arbitrary code via an RRE message with subrectangle outside framebuffer boundaries. A buffer overflow flaw, leading to memory corr... • http://rhn.redhat.com/errata/RHSA-2017-0630.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVE-2014-0011 – Gentoo Linux Security Advisory 201411-03
https://notcve.org/view.php?id=CVE-2014-0011
06 Nov 2014 — Multiple heap-based buffer overflows in the ZRLE_DECODE function in common/rfb/zrleDecode.h in TigerVNC before 1.3.1, when NDEBUG is enabled, allow remote VNC servers to cause a denial of service (vncviewer crash) and possibly execute arbitrary code via vectors related to screen image rendering. • https://bugzilla.redhat.com/show_bug.cgi?id=1050928 • CWE-787: Out-of-bounds Write •

CVE-2014-8240 – tigervnc: integer overflow flaw, leading to a heap-based buffer overflow in screen size handling
https://notcve.org/view.php?id=CVE-2014-8240
16 Oct 2014 — Integer overflow in TigerVNC allows remote VNC servers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to screen size handling, which triggers a heap-based buffer overflow, a similar issue to CVE-2014-6051. • http://seclists.org/oss-sec/2014/q4/278 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer • CWE-122: Heap-based Buffer Overflow •

CVE-2011-1775 – tigervnc: vncviewer can send password to server without proper validation of the X.509 certificate
https://notcve.org/view.php?id=CVE-2011-1775
26 May 2011 — The CSecurityTLS::processMsg function in common/rfb/CSecurityTLS.cxx in the vncviewer component in TigerVNC 1.1beta1 does not properly verify the server's X.509 certificate, which allows man-in-the-middle attackers to spoof a TLS VNC server via an arbitrary certificate. • http://lists.fedoraproject.org/pipermail/package-announce/2011-May/060567.html • CWE-20: Improper Input Validation •