← voltar
CVE-2019-15693

CVE-2019-15693

EPSS 4.3%CWE-122
Vexday Risk Score
3Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS EPSS 4.3%KEV nãoPoC Nuclei Metasploit Patch referenciado
Ciclo de vida
26 dez 2019Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow, which occurs in TightDecoder::FilterGradient. Exploitation of this vulnerability could potentially result into remote code execution. This attack appear to be exploitable via network connectivity.
Produtos afetados
Kaspersky · TigerVNC

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00039.htmlhttps://github.com/CendioOssman/tigervnc/commit/b4ada8d0c6dac98c8b91fc64d112569a8ae5fb95https://github.com/TigerVNC/tigervnc/releases/tag/v1.10.1https://www.openwall.com/lists/oss-security/2019/12/20/2