Published: 01/04/2017 Updated: 13/01/2018

CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 578

Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

In TigerVNC 1.7.1 (VNCSConnectionST.cxx VNCSConnectionST::fence), an authenticated client can cause a double free, leading to denial of service or potentially code execution.

Vulnerable Product	Search on Vulmon	Subscribe to Product
tigervnc tigervnc 1.7.1

Debian Bug report logs - #859259 tigervnc: CVE-2017-7392 CVE-2017-7393 CVE-2017-7394 CVE-2017-7395 CVE-2017-7396 Package: src:tigervnc; Maintainer for src:tigervnc is TigerVNC Packaging Team <pkg-tigervnc-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 1 Apr 2017 10:21 ...

Buffer overflow in ModifiablePixelBuffer::fillRectA buffer overflow flaw, leading to memory corruption, was found in TigerVNC viewer A remote malicious VNC server could use this flaw to crash the client vncviewer process resulting in denial of service (CVE-2017-5581) VNC server can crash when TLS handshake terminates early:A denial of service fla ...

CWE-415 https://github.com/TigerVNC/tigervnc/pull/438 http://www.securityfocus.com/bid/97305 https://access.redhat.com/errata/RHSA-2017:2000 https://security.gentoo.org/glsa/201801-13 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859259 https://nvd.nist.gov https://alas.aws.amazon.com/ALAS-2017-879.html

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2017-7393

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect