CyberSec.Space Logo
Back to CVE Browser

CVE-2019-15679

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0340%
EPSS Percentile30.90th
PublishedOct 29, 2019
Last ModifiedNov 21, 2024

Vulnerability Description

TightVNC code version 1.3.10 contains heap buffer overflow in InitialiseRFBConnection function, which can potentially result code execution. This attack appear to be exploitable via network connectivity.

Affected Platforms (CPE)

πŸ“¦
Tightvnc

Tightvnc

= 1.3.10

References & Advisories

πŸ”— https://cert-portal.siemens.com/productcert/pdf/ssa-478893.pdf
πŸ”— https://lists.debian.org/debian-lts-announce/2019/12/msg00028.html
πŸ”— https://us-cert.cisa.gov/ics/advisories/icsa-20-343-08
πŸ”— https://www.openwall.com/lists/oss-security/2018/12/10/5
πŸ”— https://cert-portal.siemens.com/productcert/pdf/ssa-478893.pdf
πŸ”— https://lists.debian.org/debian-lts-announce/2019/12/msg00028.html
πŸ”— https://us-cert.cisa.gov/ics/advisories/icsa-20-343-08
πŸ”— https://www.openwall.com/lists/oss-security/2018/12/10/5

Related Vulnerabilities

CVE-2009-038810.0

Multiple integer signedness errors in (1) UltraVNC 1.0.2 and 1.0.5 and (2) TightVnc 1.3.9 allow remote VNC servers to cause a deni...

CVE-2019-82879.8

TightVNC code version 1.3.10 contains global buffer overflow in HandleCoRREBBP macro function, which can potentially result code e...

CVE-2021-427859.8

Buffer Overflow vulnerability in tvnviewer.exe of TightVNC Viewer allows a remote attacker to execute arbitrary instructions via a...

CVE-2019-156789.8

TightVNC code version 1.3.10 contains heap buffer overflow in rfbServerCutText handler, which can potentially result code executio...