FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

TightVNC -- Muliple Vulnerabilities

Affected packages
tightvnc <= 1.3.10_6

Details

VuXML ID b34c1947-a749-11ed-b24b-1c61b4739ac9
Discovery 2019-02-12
Entry 2023-02-08

MITRE reports:

TightVNC code version 1.3.10 contains global buffer overflow in HandleCoRREBBP macro function, which can potentially result code execution. This attack appear to be exploitable via network connectivity.

[source]

TightVNC code version 1.3.10 contains global buffer overflow in HandleCoRREBBP macro function, which can potentially result code execution. This attack appear to be exploitable via network connectivity.

[source]

TightVNC code version 1.3.10 contains heap buffer overflow in InitialiseRFBConnection function, which can potentially result code execution. This attack appear to be exploitable via network connectivity.

[source]

TightVNC code version 1.3.10 contains null pointer dereference in HandleZlibBPP function, which results Denial of System (DoS). This attack appear to be exploitable via network connectivity.

[source]

References

CVE Name CVE-2019-15678
CVE Name CVE-2019-15679
CVE Name CVE-2019-15680
CVE Name CVE-2019-8287
URL https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15678
URL https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15679
URL https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15680
URL https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8287

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.