Integer overflow in TigerVNC allows remote VNC servers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to screen size handling, which triggers a heap-based buffer overflow, a similar issue to CVE-2014-6051.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 02:18
Type | Values Removed | Values Added |
---|---|---|
References | () http://seclists.org/oss-sec/2014/q4/278 - | |
References | () http://seclists.org/oss-sec/2014/q4/300 - | |
References | () http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html - | |
References | () http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html - | |
References | () http://www.securityfocus.com/bid/70391 - | |
References | () https://bugzilla.redhat.com/show_bug.cgi?id=1151307 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/96947 - | |
References | () https://security.gentoo.org/glsa/201612-36 - |
Information
Published : 2014-10-16 19:55
Updated : 2024-11-21 02:18
NVD link : CVE-2014-8240
Mitre link : CVE-2014-8240
CVE.ORG link : CVE-2014-8240
JSON object : View
Products Affected
tigervnc
- tigervnc
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer