2 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-5884
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - gtk-vnc before 0.7.0 does not properly check boundaries of subrectangle-containing tiles, which allows remote servers to execute arbitrary code via the src x, y...
MGASA-2017-0057 Updated gtk-vnc packages fix security vulnerability
It was found that gtk-vnc code does not properly check boundaries of subrectangle-containing tiles. A malicious server can use this to overwrite parts of the client memory CVE-2017-5884. In addition, the vncconnectionservermessage and vnccolormapset functions do not check for integer overflow...