First published: Tue Oct 29 2019(Updated: )
TightVNC code version 1.3.10 contains heap buffer overflow in rfbServerCutText handler, which can potentially result code execution.. This attack appear to be exploitable via network connectivity.
Credit: vulnerability@kaspersky.com
Affected Software | Affected Version | How to fix |
---|---|---|
Tightvnc Tightvnc | =1.3.10 | |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2019-15678.
The severity of CVE-2019-15678 is critical with a CVSS score of 9.8.
The affected software for CVE-2019-15678 is TightVNC version 1.3.10.
The vulnerability in CVE-2019-15678 manifests as a heap buffer overflow in the rfbServerCutText handler of TightVNC version 1.3.10.
The vulnerability in CVE-2019-15678 can be exploited via network connectivity.