TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow, which could be triggered from DecodeManager::decodeRect. Vulnerability occurs due to the signdness error in processing MemOutStream. Exploitation of this vulnerability could potentially result into remote code execution. This attack appear to be exploitable via network connectivity.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: Kaspersky

Published: 2019-12-26T14:59:01

Updated: 2024-08-05T00:56:22.428Z

Reserved: 2019-08-27T00:00:00

Link: CVE-2019-15694

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-12-26T15:15:11.337

Modified: 2024-11-21T04:29:16.497

Link: CVE-2019-15694

cve-icon Redhat

Severity : Moderate

Publid Date: 2019-12-20T00:00:00Z

Links: CVE-2019-15694 - Bugzilla