CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2019-15693 – tigervnc: Heap buffer overflow in TightDecoder::FilterGradient
https://notcve.org/view.php?id=CVE-2019-15693
TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow, which occurs in TightDecoder::FilterGradient. Exploitation of this vulnerability could potentially result into remote code execution. This attack appear to be exploitable via network connectivity. TigerVNC versiones anteriores a 1.10.1, es vulnerable al desbordamiento de búfer de la pila, que se presenta en la función TightDecoder::FilterGradient. La explotación de esta vulnerabilidad podría resultar potencialmente en una ejecución de código remota. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00039.html https://github.com/CendioOssman/tigervnc/commit/b4ada8d0c6dac98c8b91fc64d112569a8ae5fb95 https://github.com/TigerVNC/tigervnc/releases/tag/v1.10.1 https://www.openwall.com/lists/oss-security/2019/12/20/2 https://access.redhat.com/security/cve/CVE-2019-15693 https://bugzilla.redhat.com/show_bug.cgi?id=1790313 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 1CVE-2019-15692 – tigervnc: Heap buffer overflow triggered from CopyRectDecoder due to incorrect value checks
https://notcve.org/view.php?id=CVE-2019-15692
TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow. Vulnerability could be triggered from CopyRectDecoder due to incorrect value checks. Exploitation of this vulnerability could potentially result into remote code execution. This attack appear to be exploitable via network connectivity. TigerVNC versiones anteriores a 1.10.1, es vulnerable al desbordamiento de búfer de la pila. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00039.html https://github.com/CendioOssman/tigervnc/commit/996356b6c65ca165ee1ea46a571c32a1dc3c3821 https://github.com/TigerVNC/tigervnc/releases/tag/v1.10.1 https://www.openwall.com/lists/oss-security/2019/12/20/2 https://access.redhat.com/security/cve/CVE-2019-15692 https://bugzilla.redhat.com/show_bug.cgi?id=1789527 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 1CVE-2019-15691 – tigervnc: Stack use-after-return due to incorrect usage of stack memory in ZRLEDecoder
https://notcve.org/view.php?id=CVE-2019-15691
TigerVNC version prior to 1.10.1 is vulnerable to stack use-after-return, which occurs due to incorrect usage of stack memory in ZRLEDecoder. If decoding routine would throw an exception, ZRLEDecoder may try to access stack variable, which has been already freed during the process of stack unwinding. Exploitation of this vulnerability could potentially result into remote code execution. This attack appear to be exploitable via network connectivity. TigerVNC versiones anteriores a 1.10.1, es vulnerable al uso de la pila previo al retorno, que se presenta debido a un uso incorrecto de la memoria de pila en ZRLEDecoder. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00039.html https://github.com/CendioOssman/tigervnc/commit/d61a767d6842b530ffb532ddd5a3d233119aad40 https://github.com/TigerVNC/tigervnc/releases/tag/v1.10.1 https://www.openwall.com/lists/oss-security/2019/12/20/2 https://access.redhat.com/security/cve/CVE-2019-15691 https://bugzilla.redhat.com/show_bug.cgi?id=1789908 • CWE-672: Operation on a Resource after Expiration or Release CWE-825: Expired Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-7392 – tigervnc: SSecurityVeNCrypt memory leak
https://notcve.org/view.php?id=CVE-2017-7392
In TigerVNC 1.7.1 (SSecurityVeNCrypt.cxx SSecurityVeNCrypt::SSecurityVeNCrypt), an unauthenticated client can cause a small memory leak in the server. En TigerVNC 1.7.1 (SSecurityVeNCrypt.cxx SSecurityVeNCrypt::SSecurityVeNCrypt), un cliente no autenticado puede provocar una pequeña fuga de memoria en el servidor. A memory leak flaw was found in the way TigerVNC handled termination of VeNCrypt connections. A remote unauthenticated attacker could repeatedly send connection requests to the Xvnc server, causing it to consume large amounts of memory resources over time, and ultimately leading to a denial of service due to memory exhaustion. • http://www.securityfocus.com/bid/97305 https://access.redhat.com/errata/RHSA-2017:2000 https://github.com/TigerVNC/tigervnc/pull/441 https://security.gentoo.org/glsa/201801-13 https://access.redhat.com/security/cve/CVE-2017-7392 https://bugzilla.redhat.com/show_bug.cgi?id=1438694 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-7393 – tigervnc: Double free via crafted fences
https://notcve.org/view.php?id=CVE-2017-7393
In TigerVNC 1.7.1 (VNCSConnectionST.cxx VNCSConnectionST::fence), an authenticated client can cause a double free, leading to denial of service or potentially code execution. En TigerVNC 1.7.1 (VNCSConnectionST.cxx VNCSConnectionST::fence), un cliente autenticado puede provocar una liberación doble, conduciendo a denegación de servicio o potencialmente ejecución de código. A double free flaw was found in the way TigerVNC handled ClientFence messages. A remote, authenticated attacker could use this flaw to make Xvnc crash by sending specially crafted ClientFence messages, resulting in denial of service. • http://www.securityfocus.com/bid/97305 https://access.redhat.com/errata/RHSA-2017:2000 https://github.com/TigerVNC/tigervnc/pull/438 https://security.gentoo.org/glsa/201801-13 https://access.redhat.com/security/cve/CVE-2017-7393 https://bugzilla.redhat.com/show_bug.cgi?id=1438697 • CWE-415: Double Free CWE-416: Use After Free •