CVE-2021-42785

CRITICAL

9.8

CVSS Severity Score

EPSS Score0.1310%

EPSS Percentile37.97th

PublishedNov 23, 2021

Last ModifiedNov 21, 2024

Vulnerability Description

Buffer Overflow vulnerability in tvnviewer.exe of TightVNC Viewer allows a remote attacker to execute arbitrary instructions via a crafted FramebufferUpdate packet from a VNC server.

Affected Platforms (CPE)

📦

Tightvnc

<= 2.8.59

References & Advisories

🔗 https://www.tightvnc.com/whatsnew.php

Related Vulnerabilities

CVE-2009-038810.0

Multiple integer signedness errors in (1) UltraVNC 1.0.2 and 1.0.5 and (2) TightVnc 1.3.9 allow remote VNC servers to cause a deni...

CVE-2019-156799.8

TightVNC code version 1.3.10 contains heap buffer overflow in InitialiseRFBConnection function, which can potentially result code ...

CVE-2019-82879.8

TightVNC code version 1.3.10 contains global buffer overflow in HandleCoRREBBP macro function, which can potentially result code e...

CVE-2019-156789.8

TightVNC code version 1.3.10 contains heap buffer overflow in rfbServerCutText handler, which can potentially result code executio...