TigerVNC version prior to 1.10.1 Out-of-bounds Write Vulnerability

Summary

TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow, which occurs in TightDecoder::FilterGradient.

Credit:

The information has been provided by Pavel Cheremushkin

The original article can be found at:https://www.openwall.com/lists/oss-security/2019/12/20/2


Details

Exploitation of this vulnerability could potentially result into remote code execution. This attack appear to be exploitable via network connectivity.

 

Vulnerable Systems:

TigerVNC version prior to 1.10.1

 

CVE Information:

CVE-2019-15693

 

Disclosure Timeline:
Published Date:12/26/2019

Categories: News