CVE-2019-8287

Description

TightVNC code version 1.3.10 contains global buffer overflow in HandleCoRREBBP macro function, which can potentially result code execution. This attack appear to be exploitable via network connectivity.

References

https://www.openwall.com/lists/oss-security/2018/12/10/5

https://us-cert.cisa.gov/ics/advisories/icsa-20-343-08

https://lists.debian.org/debian-lts-announce/2019/12/msg00028.html

https://cert-portal.siemens.com/productcert/pdf/ssa-478893.pdf

Details

Source: Mitre, NVD

Risk Information

CVSS v2

CVSS v3