Skip to main content

Gtk Vnc

3 CVEs product

Monthly

CVE-2017-1000044 CRITICAL PATCH Act Now

gtk-vnc 0.4.2 and older doesn't check framebuffer boundaries correctly when updating framebuffer which may lead to memory corruption when rendering. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Gtk Vnc
NVD
CVSS 3.0
9.8
EPSS
1.7%
CVE-2017-5885 CRITICAL POC PATCH Act Now

Multiple integer overflows in the (1) vnc_connection_server_message and (2) vnc_color_map_set functions in gtk-vnc before 0.7.0 allow remote servers to cause a denial of service (crash) or possibly. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Integer Overflow RCE Denial Of Service Buffer Overflow Fedora +1
NVD
CVSS 3.0
9.8
EPSS
0.7%
CVE-2017-5884 HIGH POC PATCH This Week

gtk-vnc before 0.7.0 does not properly check boundaries of subrectangle-containing tiles, which allows remote servers to execute arbitrary code via the src x, y coordinates in a crafted (1) rre, (2). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

RCE Fedora Gtk Vnc
NVD
CVSS 3.0
7.8
EPSS
0.5%
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

gtk-vnc 0.4.2 and older doesn't check framebuffer boundaries correctly when updating framebuffer which may lead to memory corruption when rendering. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Gtk Vnc
NVD
EPSS 1% CVSS 9.8
CRITICAL POC PATCH Act Now

Multiple integer overflows in the (1) vnc_connection_server_message and (2) vnc_color_map_set functions in gtk-vnc before 0.7.0 allow remote servers to cause a denial of service (crash) or possibly. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Integer Overflow RCE Denial Of Service +3
NVD
EPSS 0% CVSS 7.8
HIGH POC PATCH This Week

gtk-vnc before 0.7.0 does not properly check boundaries of subrectangle-containing tiles, which allows remote servers to execute arbitrary code via the src x, y coordinates in a crafted (1) rre, (2). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

RCE Fedora Gtk Vnc
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy