Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv3

CVE-2017-7396

Published: 01/04/2017 Updated: 03/10/2019
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Subscribe to Tigervnc

Vulnerability Summary

In TigerVNC 1.7.1 (CConnection.cxx CConnection::CConnection), an unauthenticated client can cause a small memory leak in the server.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

tigervnc tigervnc 1.7.1

Vendor Advisories

Debian CVElist Bug Report Logs: tigervnc: CVE-2017-7392 CVE-2017-7393 CVE-2017-7394 CVE-2017-7395 CVE-2017-7396
Debian Bug report logs - #859259 tigervnc: CVE-2017-7392 CVE-2017-7393 CVE-2017-7394 CVE-2017-7395 CVE-2017-7396 Package: src:tigervnc; Maintainer for src:tigervnc is TigerVNC Packaging Team <pkg-tigervnc-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 1 Apr 2017 10:21 ...
Amazon Linux AMI: ALAS-2017-879
Buffer overflow in ModifiablePixelBuffer::fillRectA buffer overflow flaw, leading to memory corruption, was found in TigerVNC viewer A remote malicious VNC server could use this flaw to crash the client vncviewer process resulting in denial of service (CVE-2017-5581) VNC server can crash when TLS handshake terminates early:A denial of service fla ...
Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - April 2018
Oracle Solaris Third Party Bulletin - April 2018 Description The Oracle Solaris Third Party Bulletin announces patches for one or more security vulnerabilities fixed in third party software that is included in Oracle Solaris distributions Starting January 20, 2015, Third Party Bulletins are released on the same day when Oracle Critical ...
Oracle Linux Bulletins: Oracle Linux Bulletin - July 2017
Oracle Linux Bulletin - July 2017 Description The Oracle Linux Bulletin lists all CVEs that had been resolved and announced in Oracle Linux Security Advisories (ELSA) in the last one month prior to the release of the bulletin Oracle Linux Bulletins are published on the same day as Oracle Critical Patch Updates are released ...

References

CWE-772https://github.com/TigerVNC/tigervnc/pull/436/commits/dccb5f7d776e93863ae10bbff56a45c523c6eeb0https://github.com/TigerVNC/tigervnc/pull/436http://www.securityfocus.com/bid/97305https://access.redhat.com/errata/RHSA-2017:2000https://security.gentoo.org/glsa/201801-13https://nvd.nist.govhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859259https://www.securityfocus.com/bid/97305https://alas.aws.amazon.com/ALAS-2017-879.html
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-45441arbitrary CVE-2022-31254CVE-2023-0719CVE-2023-25136CVE-2023-0744CVE-2022-0847unspecifiedspoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook