Published: 01/04/2017 Updated: 03/10/2019
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

In TigerVNC 1.7.1 (CConnection.cxx CConnection::CConnection), an unauthenticated client can cause a small memory leak in the server.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

tigervnc tigervnc 1.7.1

Vendor Advisories

Debian Bug report logs - #859259 tigervnc: CVE-2017-7392 CVE-2017-7393 CVE-2017-7394 CVE-2017-7395 CVE-2017-7396 Package: src:tigervnc; Maintainer for src:tigervnc is TigerVNC Packaging Team <pkg-tigervnc-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 1 Apr 2017 10:21 ...
Buffer overflow in ModifiablePixelBuffer::fillRectA buffer overflow flaw, leading to memory corruption, was found in TigerVNC viewer A remote malicious VNC server could use this flaw to crash the client vncviewer process resulting in denial of service (CVE-2017-5581) VNC server can crash when TLS handshake terminates early:A denial of service fla ...
Oracle Solaris Third Party Bulletin - April 2018 Description The Oracle Solaris Third Party Bulletin announces patches for one or more security vulnerabilities fixed in third party software that is included in Oracle Solaris distributions Starting January 20, 2015, Third Party Bulletins are released on the same day when Oracle Critical ...
Oracle Linux Bulletin - July 2017 Description The Oracle Linux Bulletin lists all CVEs that had been resolved and announced in Oracle Linux Security Advisories (ELSA) in the last one month prior to the release of the bulletin Oracle Linux Bulletins are published on the same day as Oracle Critical Patch Updates are released ...