PRIOn knowledge basePRION:CVE-2019-15679

HistoryOct 29, 2019 - 7:15 p.m.

Heap overflow

2019-10-2919:15:00

PRIOn knowledge base

www.prio-n.com

AI Score

9.8

Confidence

High

EPSS

0.019

Percentile

88.7%

JSON

TightVNC code version 1.3.10 contains heap buffer overflow in InitialiseRFBConnection function, which can potentially result code execution. This attack appear to be exploitable via network connectivity.

References

cert-portal.siemens.com/productcert/pdf/ssa-478893.pdf

lists.debian.org/debian-lts-announce/2019/12/msg00028.html

us-cert.cisa.gov/ics/advisories/icsa-20-343-08

www.openwall.com/lists/oss-security/2018/12/10/5