CVE-2019-15694 — Heap-based Buffer Overflow in Tigervnc

CWE-122 — Heap-based Buffer Overflow CWE-787 — Out-of-bounds Write7 documents6 sources

Severity

7.2HIGHNVD

EPSS

6.0%

top 9.28%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Tigervnc Debian Tigervnc Kaspersky Tigervnc +1 more

Timeline

PublishedDec 26

Latest updateMay 24

Description

TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow, which could be triggered from DecodeManager::decodeRect. Vulnerability occurs due to the signdness error in processing MemOutStream. Exploitation of this vulnerability could potentially result into remote code execution. This attack appear to be exploitable via network connectivity.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 1.2 | Impact: 5.9

Affected Packages5 packages

▶debiandebian/tigervnc< tigervnc 1.10.1+dfsg-1 (bookworm)

▶NVDtigervnc/tigervnc< 1.10.1

▶Debiantigervnc/tigervnc< 1.10.1+dfsg-1+3

▶CVEListV5kaspersky/tigervnc1.10.0

▶NVDopensuse/leap15.1

Patches

Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

GHSA

GHSA-mm3v-7wx3-vx47: TigerVNC version prior to 1↗2022-05-24

▶

OSV

CVE-2019-15694: TigerVNC version prior to 1↗2019-12-26

▶

📋Vendor Advisories

Red Hat

tigervnc: Heap buffer overflow in DecodeManager::decodeRect↗2019-12-20

▶

Debian

CVE-2019-15694: tigervnc - TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow, which co...↗2019

▶

💬Community

Bugzilla

CVE-2019-15694 tigervnc: Heap buffer overflow in DecodeManager::decodeRect [fedora-all]↗2020-01-13

▶

Bugzilla

CVE-2019-15694 tigervnc: Heap buffer overflow in DecodeManager::decodeRect↗2020-01-13

▶