FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

TightVNC -- Muliple Vulnerabilities

Affected packages
tightvnc <= 1.3.10_6

Details

VuXML ID b34c1947-a749-11ed-b24b-1c61b4739ac9
Discovery 2019-02-12
Entry 2023-02-08

MITRE reports:

TightVNC code version 1.3.10 contains global buffer overflow in HandleCoRREBBP macro function, which can potentially result code execution. This attack appear to be exploitable via network connectivity.

TightVNC code version 1.3.10 contains global buffer overflow in HandleCoRREBBP macro function, which can potentially result code execution. This attack appear to be exploitable via network connectivity.

TightVNC code version 1.3.10 contains heap buffer overflow in InitialiseRFBConnection function, which can potentially result code execution. This attack appear to be exploitable via network connectivity.

TightVNC code version 1.3.10 contains null pointer dereference in HandleZlibBPP function, which results Denial of System (DoS). This attack appear to be exploitable via network connectivity.

References

CVE Name CVE-2019-15678
CVE Name CVE-2019-15679
CVE Name CVE-2019-15680
CVE Name CVE-2019-8287
URL https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15678
URL https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15679
URL https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15680
URL https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8287