TightVNC code version 1.3.10 contains global buffer overflow in HandleCoRREBBP macro function, which can potentially result code execution. This attack appear to be exploitable via network connectivity.
References
Configurations
Information
Published : 2019-10-29 12:15
Updated : 2020-12-09 09:15
NVD link : CVE-2019-8287
Mitre link : CVE-2019-8287
JSON object : View
CWE
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Products Affected
tightvnc
- tightvnc