CVE-2014-8240

Integer overflow in TigerVNC allows remote VNC servers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to screen size handling, which triggers a heap-based buffer overflow, a similar issue to CVE-2014-6051.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:tigervnc:tigervnc:0.0.90:*:*:*:*:*:*:*
cpe:2.3:a:tigervnc:tigervnc:0.0.91:*:*:*:*:*:*:*
cpe:2.3:a:tigervnc:tigervnc:1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:tigervnc:tigervnc:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:tigervnc:tigervnc:1.1.0:*:*:*:*:*:*:*

History

21 Nov 2024, 02:18

Type Values Removed Values Added
References () http://seclists.org/oss-sec/2014/q4/278 - () http://seclists.org/oss-sec/2014/q4/278 -
References () http://seclists.org/oss-sec/2014/q4/300 - () http://seclists.org/oss-sec/2014/q4/300 -
References () http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html - () http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html -
References () http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html - () http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html -
References () http://www.securityfocus.com/bid/70391 - () http://www.securityfocus.com/bid/70391 -
References () https://bugzilla.redhat.com/show_bug.cgi?id=1151307 - () https://bugzilla.redhat.com/show_bug.cgi?id=1151307 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/96947 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/96947 -
References () https://security.gentoo.org/glsa/201612-36 - () https://security.gentoo.org/glsa/201612-36 -

Information

Published : 2014-10-16 19:55

Updated : 2024-11-21 02:18


NVD link : CVE-2014-8240

Mitre link : CVE-2014-8240

CVE.ORG link : CVE-2014-8240


JSON object : View

Products Affected

tigervnc

  • tigervnc
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer