vulnerability
CentOS Linux: CVE-2019-15692: Moderate: tigervnc security update (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:L/Au:S/C:P/I:P/A:P) | Dec 26, 2019 | Apr 20, 2020 | May 25, 2023 |
Severity
7
CVSS
(AV:N/AC:L/Au:S/C:P/I:P/A:P)
Published
Dec 26, 2019
Added
Apr 20, 2020
Modified
May 25, 2023
Description
TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow. Vulnerability could be triggered from CopyRectDecoder due to incorrect value checks. Exploitation of this vulnerability could potentially result into remote code execution. This attack appear to be exploitable via network connectivity.
Solutions
centos-upgrade-tigervnccentos-upgrade-tigervnc-debuginfocentos-upgrade-tigervnc-debugsourcecentos-upgrade-tigervnc-iconscentos-upgrade-tigervnc-licensecentos-upgrade-tigervnc-servercentos-upgrade-tigervnc-server-appletcentos-upgrade-tigervnc-server-debuginfocentos-upgrade-tigervnc-server-minimalcentos-upgrade-tigervnc-server-minimal-debuginfocentos-upgrade-tigervnc-server-modulecentos-upgrade-tigervnc-server-module-debuginfo
References
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.