Lucene search

K
osvGoogleOSV:CVE-2017-5884
HistoryFeb 28, 2017 - 6:59 p.m.

CVE-2017-5884

2017-02-2818:59:00
Google
osv.dev
9

AI Score

7.6

Confidence

Low

EPSS

0.002

Percentile

61.4%

gtk-vnc before 0.7.0 does not properly check boundaries of subrectangle-containing tiles, which allows remote servers to execute arbitrary code via the src x, y coordinates in a crafted (1) rre, (2) hextile, or (3) copyrect tile.