9 matches found
CVE-2023-47250
In mprivacy-tools before 2.0.406g in m-privacy TightGate-Pro Server, broken Access Control on X11 server sockets allows authenticated attackers with access to a VNC session to access the X11 desktops of other users by specifying their DISPLAY ID. This allows complete control of their desktop,...
CVE-2023-47250
In mprivacy-tools before 2.0.406g in m-privacy TightGate-Pro Server, broken Access Control on X11 server sockets allows authenticated attackers with access to a VNC session to access the X11 desktops of other users by specifying their DISPLAY ID. This allows complete control of their desktop,...
CVE-2023-47251
In mprivacy-tools before 2.0.406g in m-privacy TightGate-Pro Server, a Directory Traversal in the print function of the VNC service allows authenticated attackers with access to a VNC session to automatically transfer malicious PDF documents by moving them into the .spool directory, and then...
CVE-2023-47250
In mprivacy-tools before 2.0.406g in m-privacy TightGate-Pro Server, broken Access Control on X11 server sockets allows authenticated attackers with access to a VNC session to access the X11 desktops of other users by specifying their DISPLAY ID. This allows complete control of their desktop,...
Improper access control
In mprivacy-tools before 2.0.406g in m-privacy TightGate-Pro Server, broken Access Control on X11 server sockets allows authenticated attackers with access to a VNC session to access the X11 desktops of other users by specifying their DISPLAY ID. This allows complete control of their desktop,...
CVE-2023-47251
CVE-2023-47251 affects mprivacy-tools before 2.0.406g (TightGate-Pro Server). A Directory Traversal in the VNC print function allows authenticated users with a VNC session to place malicious PDFs into the .spool directory and trigger the VNC service to transfer them to the connected VNC client’s ...
m-privacy TightGate-Pro Server Security Vulnerability
The m-privacy TightGate-Pro Server is a remote control browser system from the German company m-privacy. A security vulnerability exists in m-privacy TightGate-Pro Server versions prior to 2.0.406g, which originated from a vulnerability that allows an authenticated attacker to automatically...
CVE-2023-47251
In mprivacy-tools before 2.0.406g in m-privacy TightGate-Pro Server, a Directory Traversal in the print function of the VNC service allows authenticated attackers with access to a VNC session to automatically transfer malicious PDF documents by moving them into the .spool directory, and then...
CVE-2023-47250
CVE-2023-47250 affects mprivacy-tools prior to 2.0.406g (m-privacy TightGate-Pro Server). The root cause is broken access control on X11 server sockets, enabling an authenticated attacker with access to a VNC session to specify another user’s DISPLAY ID and access that user’s X11 desktop. This gr...