CVE-2019-8287

EPSS 19.5%CWE-120

TightVNC code version 1.3.10 contains global buffer overflow in HandleCoRREBBP macro function, which can potentially result code execution. This attack appear to be exploitable via network connectivity.

Productos afectados

Kaspersky · TightVNC

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://cert-portal.siemens.com/productcert/pdf/ssa-478893.pdf https://lists.debian.org/debian-lts-announce/2019/12/msg00028.html https://us-cert.cisa.gov/ics/advisories/icsa-20-343-08 https://www.openwall.com/lists/oss-security/2018/12/10/5