Vulnerabilities (CVE)

Filtered by vendor Gnome Subscribe
Filtered by product Gtk-vnc
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-5885 2 Fedoraproject, Gnome 2 Fedora, Gtk-vnc 2024-11-21 7.5 HIGH 9.8 CRITICAL
Multiple integer overflows in the (1) vnc_connection_server_message and (2) vnc_color_map_set functions in gtk-vnc before 0.7.0 allow remote servers to cause a denial of service (crash) or possibly execute arbitrary code via vectors involving SetColorMapEntries, which triggers a buffer overflow.
CVE-2017-5884 2 Fedoraproject, Gnome 2 Fedora, Gtk-vnc 2024-11-21 6.8 MEDIUM 7.8 HIGH
gtk-vnc before 0.7.0 does not properly check boundaries of subrectangle-containing tiles, which allows remote servers to execute arbitrary code via the src x, y coordinates in a crafted (1) rre, (2) hextile, or (3) copyrect tile.
CVE-2017-1000044 1 Gnome 1 Gtk-vnc 2024-11-21 7.5 HIGH 9.8 CRITICAL
gtk-vnc 0.4.2 and older doesn't check framebuffer boundaries correctly when updating framebuffer which may lead to memory corruption when rendering