
We found results for “”
CVE-2019-15690
Good to know:

Date: January 24, 2025
libvncserver before 0.9.13 is vulnerable to buffer overflow. An integer overflow within the HandleCursorShape() function can be exploited to cause a heap-based buffer overflow by tricking a user or application using libvncserver to connect to an unstrusted server and subsequently send cursor shapes with specially crafted dimensions. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Language: C
Severity Score
Related Resources (7)
Severity Score
Weakness Type (CWE)
Heap-based Buffer Overflow
CWE-122CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | NONE |
User Interaction (UI): | REQUIRED |
Scope (S): | UNCHANGED |
Confidentiality (C): | HIGH |
Integrity (I): | HIGH |
Availability (A): | HIGH |