Lucene search
Veracode Vulnerability DatabaseVERACODE:27396HistoryOct 01, 2020 - 3:52 a.m.
Remote Code Execution (RCE)
2020-10-0103:52:43
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
0.002 Low
EPSS
Percentile
61.9%
tigervnc is vulnerable to remote code execution (RCE). It is possible due to a heap buffer overflow in DecodeManager::decodeRect.
| CPE | Name | Operator | Version |
|---|---|---|---|
| tigervnc | eq | 1.8.0__13.el7 | |
| tigervnc | eq | 1.8.0__17.el7 | |
| tigervnc | eq | 1.8.0__19.el7 |
References
lists.opensuse.org/opensuse-security-announce/2020-01/msg00039.html
access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.9_release_notes/index
access.redhat.com/errata/RHSA-2020:3875
access.redhat.com/security/updates/classification/#moderate
github.com/CendioOssman/tigervnc/commit/0943c006c7d900dfc0281639e992791d6c567438
github.com/TigerVNC/tigervnc/releases/tag/v1.10.1
www.openwall.com/lists/oss-security/2019/12/20/2
Related
cvelist
cvelist
CVE-2019-15694
2019-12-26 14:59:01
cve
cve
CVE-2019-15694
2019-12-26 15:15:11
debiancve
debiancve
CVE-2019-15694
2019-12-26 15:15:11
redhatcve
redhatcve
CVE-2019-15694
2020-01-13 06:39:03
prion
prion
Heap overflow
2019-12-26 15:15:00
osv
osv
CVE-2019-15694
2019-12-26 15:15:11
nvd
nvd
CVE-2019-15694
2019-12-26 15:15:11
ubuntucve
ubuntucve
CVE-2019-15694
2019-12-26 00:00:00
nessus
nessus
SUSE SLES12 Security Update : tigervnc (SUSE-SU-2020:0159-1)
2020-01-23 00:00:00
GLSA-202407-14 : TigerVNC: Multiple Vulnerabilities
2024-07-05 00:00:00
Amazon Linux AMI : tigervnc (ALAS-2020-1470) (deprecated)
2020-12-19 00:00:00
amazon
amazon
Medium: tigervnc
2020-12-16 20:51:00
Low: tigervnc
2020-10-22 18:47:00
Medium: tigervnc
2021-01-12 22:52:00
openvas
openvas
openSUSE: Security Advisory for tigervnc (openSUSE-SU-2020:0087_1)
2020-01-27 00:00:00
SUSE: Security Advisory (SUSE-SU-2020:1749-1)
2021-04-19 00:00:00
SUSE: Security Advisory (SUSE-SU-2020:0159-1)
2021-04-19 00:00:00
mageia
mageia
Updated tigervnc packages fix security vulnerabilities
2020-01-19 13:11:05
oraclelinux
oraclelinux
tigervnc security update
2020-04-18 00:00:00
tigervnc security and bug fix update
2020-10-06 00:00:00
redhat
redhat
(RHSA-2020:3875) Moderate: tigervnc security and bug fix update
2020-09-29 07:39:39
(RHSA-2020:1497) Moderate: tigervnc security update
2020-04-16 20:09:52
suse
suse
Security update for tigervnc (important)
2020-01-21 00:00:00
centos
centos
tigervnc security update
2020-10-20 19:03:46
gentoo
gentoo
TigerVNC: Multiple Vulnerabilities
2024-07-05 00:00:00