CVE-2019-8287
published 2019-10-29


Priority: P261 · Severity: critical · CVSS 3.1 base score: 9.8
CVSS 3.1 vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 19.46% (97.0th percentile)
TightVNC code version 1.3.10 contains a global buffer overflow in the HandleCoRREBBP macro function, which can potentially result in code execution. This attack appears to be exploitable via network connectivity.

Affected

7 ranges

Vendor          Product    Version range                          Fixed in
debian          tightvnc   < tightvnc 1:1.3.9-9.1 (bookworm)      tightvnc 1:1.3.9-9.1 (bookworm)
kaspersky       tightvnc   (not stated)                           (not stated)
tightvnc        tightvnc   (not stated)                           (not stated)
tightvnc        tightvnc   >= 0 < 1:1.3.9-9.1                     1:1.3.9-9.1
tightvnc        tightvnc   >= 0 < 1:1.3.9-9.1                     1:1.3.9-9.1
tightvnc        tightvnc   >= 0 < 1:1.3.9-9.1                     1:1.3.9-9.1
tightvnc        tightvnc   >= 0 < 1:1.3.9-9.1                     1:1.3.9-9.1

Detection & IOCs (extracted from sources)

  • CVE-2019-8287 is a global buffer overflow in the HandleCoRREBBP macro function in TightVNC 1.3.10, exploitable via network connectivity and potentially resulting in code execution.
  • Target the HandleCoRREBBP macro function in TightVNC v1.x client code as the vulnerable code path for this overflow; network-delivered RFB/VNC protocol messages triggering CoRRE encoding handling are the attack vector.
  • CVSS v3 base score 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) — unauthenticated, network-exploitable, no user interaction required; prioritize detection at the network perimeter for VNC traffic.
  • Debian fixed this vulnerability in package version 1:1.3.9-9.1 across bookworm, bullseye, forky, sid, and trixie; note the fixed package version is 1:1.3.9-9.1 (a patched 1.3.9 package), not 1.3.10.

CVSS provenance

Source          Version   Score   Severity   Vector
nvd             v3.1      9.8     CRITICAL   CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd             v2.0      7.5     HIGH       AV:N/AC:L/Au:N/C:P/I:P/A:P
osv                       9.8     CRITICAL
vendor_debian             9.8     CRITICAL