CVE-2019-15678

Critical

TightVNC code version 1.3.10 contains heap buffer overflow in rfbServerCutText handler, which can potentially result code execution.. This…

Kaspersky·CWE-122·Published 2019-10-29

CVSS

9.8

EPSS

0.13

KEV

Exploits

cve.orgen

196 chars

TightVNC code version 1.3.10 contains heap buffer overflow in rfbServerCutText handler, which can potentially result code execution.. This attack appear to be exploitable via network connectivity.

NVDen

196 chars

TightVNC code version 1.3.10 contains heap buffer overflow in rfbServerCutText handler, which can potentially result code execution.. This attack appear to be exploitable via network connectivity.

El código de TightVNC versión 1.3.10, contiene un desbordamiento del búfer de la pila en el manejador rfbServerCutText, lo que puede resultar potencialmente en una ejecución de código. Este ataque parece ser explotable por medio de la conectividad de red.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	7.5	10.0	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P
3.1	Primary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H