First published: Tue Oct 29 2019(Updated: )
TightVNC code version 1.3.10 contains global buffer overflow in HandleCoRREBBP macro function, which can potentially result code execution. This attack appear to be exploitable via network connectivity.
Credit: vulnerability@kaspersky.com
Affected Software | Affected Version | How to fix |
---|---|---|
Tightvnc Tightvnc | =1.3.10 | |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this advisory is CVE-2019-8287.
CVE-2019-8287 has a severity rating of critical.
CVE-2019-8287 affects TightVNC version 1.3.10.
This vulnerability can be exploited through network connectivity.
Yes, you can find references for CVE-2019-8287 at the following links: - [Siemens CERT Portal](https://cert-portal.siemens.com/productcert/pdf/ssa-478893.pdf) - [Debian LTS Announce](https://lists.debian.org/debian-lts-announce/2019/12/msg00028.html) - [US-CERT Advisory](https://us-cert.cisa.gov/ics/advisories/icsa-20-343-08)