CVE-2017-5884: Improper check of framebuffer boundaries when processing a tile; gtk-vnc before 0.7.0 does not properly check boundaries of subrectangle-containing tiles, which allows remote servers to execute arbitrary code via the src x, y coordinates in a crafted rre, hextile, or copyrect tile.