CVE-2019-15693
Description
TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow, which occurs in TightDecoder::FilterGradient. Exploitation of this vulnerability could potentially result into remote code execution. This attack appear to be exploitable via network connectivity.
Risk Information
Base Score
7.2
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
9.38
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| (RHSA-2020:1497) tigervnc security update tigervnc-1.9.0-14.el8_1.x86_64.rpm | Linux |
| (RHSA-2020:1497) tigervnc security update tigervnc-debugsource-1.9.0-14.el8_1.x86_64.rpm | Linux |
| (RHSA-2020:1497) tigervnc security update tigervnc-icons-1.9.0-14.el8_1.noarch.rpm | Linux |
| (RHSA-2020:1497) tigervnc security update tigervnc-license-1.9.0-14.el8_1.noarch.rpm | Linux |
| (RHSA-2020:1497) tigervnc security update tigervnc-server-1.9.0-14.el8_1.x86_64.rpm | Linux |
| (RHSA-2020:1497) tigervnc security update tigervnc-server-applet-1.9.0-14.el8_1.noarch.rpm | Linux |
| (RHSA-2020:1497) tigervnc security update tigervnc-server-minimal-1.9.0-14.el8_1.x86_64.rpm | Linux |
| (RHSA-2020:1497) tigervnc security update tigervnc-server-module-1.9.0-14.el8_1.x86_64.rpm | Linux |
| SUSE-SU-2020:1749-1(SUSE Linux Enterprise Server 12-SP5 ) libXvnc1-1.6.0-22.14.1.x86_64.rpm | Linux |
| SUSE-SU-2020:1749-1(SUSE Linux Enterprise Server 12-SP4 ) libXvnc1-1.6.0-22.14.1.x86_64_SP4.rpm | Linux |
| SUSE-SU-2020:1749-1(SUSE Linux Enterprise Server 12-SP5 ) libXvnc1-debuginfo-1.6.0-22.14.1.x86_64.rpm | Linux |
| SUSE-SU-2020:1749-1(SUSE Linux Enterprise Server 12-SP4 ) libXvnc1-debuginfo-1.6.0-22.14.1.x86_64_SP4.rpm | Linux |
| SUSE-SU-2020:1749-1(SUSE Linux Enterprise Server 12-SP4 ) tigervnc-1.6.0-22.14.1.x86_64.rpm | Linux |
| SUSE-SU-2020:1749-1(SUSE Linux Enterprise Server 12-SP4 ) tigervnc-debuginfo-1.6.0-22.14.1.x86_64.rpm | Linux |
| SUSE-SU-2020:1749-1(SUSE Linux Enterprise Server 12-SP5 ) tigervnc-1.6.0-22.14.1.x86_64_SP5.rpm | Linux |
| SUSE-SU-2020:1749-1(SUSE Linux Enterprise Server 12-SP4 ) tigervnc-debugsource-1.6.0-22.14.1.x86_64.rpm | Linux |
| SUSE-SU-2020:1749-1(SUSE Linux Enterprise Server 12-SP5 ) tigervnc-debuginfo-1.6.0-22.14.1.x86_64_SP5.rpm | Linux |
| SUSE-SU-2020:1749-1(SUSE Linux Enterprise Server 12-SP5 ) tigervnc-debugsource-1.6.0-22.14.1.x86_64_SP5.rpm | Linux |
| SUSE-SU-2020:1749-1(SUSE Linux Enterprise Server 12-SP4 ) xorg-x11-Xvnc-1.6.0-22.14.1.x86_64.rpm | Linux |
| SUSE-SU-2020:1749-1(SUSE Linux Enterprise Server 12-SP4 ) xorg-x11-Xvnc-debuginfo-1.6.0-22.14.1.x86_64.rpm | Linux |
| SUSE-SU-2020:1749-1(SUSE Linux Enterprise Server 12-SP5 ) xorg-x11-Xvnc-1.6.0-22.14.1.x86_64_SP5.rpm | Linux |
| SUSE-SU-2020:1749-1(SUSE Linux Enterprise Server 12-SP5 ) xorg-x11-Xvnc-debuginfo-1.6.0-22.14.1.x86_64_SP5.rpm | Linux |
| (RHSA-2020:3875) tigervnc security and bug fix update tigervnc-1.8.0-21.el7.x86_64.rpm | Linux |
| (RHSA-2020:3875) tigervnc security and bug fix update tigervnc-icons-1.8.0-21.el7.noarch.rpm | Linux |
| (RHSA-2020:3875) tigervnc security and bug fix update tigervnc-license-1.8.0-21.el7.noarch.rpm | Linux |
| (RHSA-2020:3875) tigervnc security and bug fix update tigervnc-server-1.8.0-21.el7.x86_64.rpm | Linux |
| (RHSA-2020:3875) tigervnc security and bug fix update tigervnc-server-applet-1.8.0-21.el7.noarch.rpm | Linux |
| (RHSA-2020:3875) tigervnc security and bug fix update tigervnc-server-minimal-1.8.0-21.el7.x86_64.rpm | Linux |
| (RHSA-2020:3875) tigervnc security and bug fix update tigervnc-server-module-1.8.0-21.el7.x86_64.rpm | Linux |
| (CESA-2020:1497) tigervnc security update tigervnc-1.9.0-14.el8_1.x86_64.rpm | Linux |
| (CESA-2020:1497) tigervnc security update tigervnc-icons-1.9.0-14.el8_1.noarch.rpm | Linux |
| (CESA-2020:1497) tigervnc security update tigervnc-license-1.9.0-14.el8_1.noarch.rpm | Linux |
| (CESA-2020:1497) tigervnc security update tigervnc-server-1.9.0-14.el8_1.x86_64.rpm | Linux |
| (CESA-2020:1497) tigervnc security update tigervnc-server-applet-1.9.0-14.el8_1.noarch.rpm | Linux |
| (CESA-2020:1497) tigervnc security update tigervnc-server-minimal-1.9.0-14.el8_1.x86_64.rpm | Linux |
| (CESA-2020:1497) tigervnc security update tigervnc-server-module-1.9.0-14.el8_1.x86_64.rpm | Linux |
| (CESA-2020:3875) tigervnc security and bug fix update tigervnc-1.8.0-21.el7.x86_64.rpm | Linux |
| (CESA-2020:3875) tigervnc security and bug fix update tigervnc-icons-1.8.0-21.el7.noarch.rpm | Linux |
| (CESA-2020:3875) tigervnc security and bug fix update tigervnc-license-1.8.0-21.el7.noarch.rpm | Linux |
| (CESA-2020:3875) tigervnc security and bug fix update tigervnc-server-1.8.0-21.el7.x86_64.rpm | Linux |
| (CESA-2020:3875) tigervnc security and bug fix update tigervnc-server-minimal-1.8.0-21.el7.x86_64.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234