ALAS-2015-623 --- tigervncID: oval:org.secpod.oval:def:1200150 | Date: (C)2016-01-04 (M)2021-06-02 |
Class: PATCH | Family: unix |
An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way TigerVNC handled screen sizes. A malicious VNC server could use this flaw to cause a client to crash or, potentially, execute arbitrary code on the client.A NULL pointer dereference flaw was found in TigerVNC"s XRegion. A malicious VNC server could use this flaw to cause a client to crash.
Platform: |
Amazon Linux AMI |