3 matches found
EulerOS 2.0 SP2 : tigervnc (EulerOS-SA-2021-1369)
According to the versions of the tigervnc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - TigerVNC version prior to 1.10.1 is vulnerable to stack use-after-return, which occurs due to incorrect usage of stack memory in ZRLEDecoder. ...
MGASA-2020-0388 Updated tigervnc packages fix a security vulnerability
In rfb/CSecurityTLS.cxx and rfb/CSecurityTLS.java in TigerVNC before 1.11.0, viewers mishandle TLS certificate exceptions. They store the certificates as authorities, meaning that the owner of a certificate could impersonate any server after a client had added an exception. CVE-2020-26117...
CVE-2020-26117
In rfb/CSecurityTLS.cxx and rfb/CSecurityTLS.java in TigerVNC before 1.11.0, viewers mishandle TLS certificate exceptions. They store the certificates as authorities, meaning that the owner of a certificate could impersonate any server after a client had added an exception. Mitigation This flaw c...