CVE-2017-7395 – tigervnc: Integer overflow in SMsgReader::readClientCutText
https://notcve.org/view.php?id=CVE-2017-7395
In TigerVNC 1.7.1 (SMsgReader.cxx SMsgReader::readClientCutText), by causing an integer overflow, an authenticated client can crash the server. En TigerVNC 1.7.1 (SMsgReader.cxx SMsgReader::readClientCutText), provocando un desbordamiento de entero, un cliente autenticado puede bloquear el servidor. An integer overflow flaw was found in the way TigerVNC handled ClientCutText messages. A remote, authenticated attacker could use this flaw to make Xvnc crash by sending specially crafted ClientCutText messages, resulting in denial of service. • http://www.securityfocus.com/bid/97305 https://access.redhat.com/errata/RHSA-2017:2000 https://github.com/TigerVNC/tigervnc/pull/436 https://github.com/TigerVNC/tigervnc/pull/436/commits/bf3bdac082978ca32895a4b6a123016094905689 https://security.gentoo.org/glsa/201801-13 https://access.redhat.com/security/cve/CVE-2017-7395 https://bugzilla.redhat.com/show_bug.cgi?id=1438701 • CWE-190: Integer Overflow or Wraparound •
CVE-2017-7393 – tigervnc: Double free via crafted fences
https://notcve.org/view.php?id=CVE-2017-7393
In TigerVNC 1.7.1 (VNCSConnectionST.cxx VNCSConnectionST::fence), an authenticated client can cause a double free, leading to denial of service or potentially code execution. En TigerVNC 1.7.1 (VNCSConnectionST.cxx VNCSConnectionST::fence), un cliente autenticado puede provocar una liberación doble, conduciendo a denegación de servicio o potencialmente ejecución de código. A double free flaw was found in the way TigerVNC handled ClientFence messages. A remote, authenticated attacker could use this flaw to make Xvnc crash by sending specially crafted ClientFence messages, resulting in denial of service. • http://www.securityfocus.com/bid/97305 https://access.redhat.com/errata/RHSA-2017:2000 https://github.com/TigerVNC/tigervnc/pull/438 https://security.gentoo.org/glsa/201801-13 https://access.redhat.com/security/cve/CVE-2017-7393 https://bugzilla.redhat.com/show_bug.cgi?id=1438697 • CWE-415: Double Free CWE-416: Use After Free •
CVE-2017-7392 – tigervnc: SSecurityVeNCrypt memory leak
https://notcve.org/view.php?id=CVE-2017-7392
In TigerVNC 1.7.1 (SSecurityVeNCrypt.cxx SSecurityVeNCrypt::SSecurityVeNCrypt), an unauthenticated client can cause a small memory leak in the server. En TigerVNC 1.7.1 (SSecurityVeNCrypt.cxx SSecurityVeNCrypt::SSecurityVeNCrypt), un cliente no autenticado puede provocar una pequeña fuga de memoria en el servidor. A memory leak flaw was found in the way TigerVNC handled termination of VeNCrypt connections. A remote unauthenticated attacker could repeatedly send connection requests to the Xvnc server, causing it to consume large amounts of memory resources over time, and ultimately leading to a denial of service due to memory exhaustion. • http://www.securityfocus.com/bid/97305 https://access.redhat.com/errata/RHSA-2017:2000 https://github.com/TigerVNC/tigervnc/pull/441 https://security.gentoo.org/glsa/201801-13 https://access.redhat.com/security/cve/CVE-2017-7392 https://bugzilla.redhat.com/show_bug.cgi?id=1438694 • CWE-772: Missing Release of Resource after Effective Lifetime •