- Home
- CVEs with nessus.description==Josef Gajdusek discovered two vulnerabilities in gtk-vnc, a VNC viewer widget for GTK :
CVE-2017-5884
Fix bounds checking for RRE, hextile & copyrec encodings. This bug allowed a remote server to cause a denial of service by buffer overflow via a carefully crafted message containing subrectangles outside the drawing area.
CVE-2017-5885
Correctly validate color map range indexes. This bug allowed a remote server to cause a denial of service by buffer overflow via a carefully crafted message with out-of-range colour values.
For Debian 7 'Wheezy', these problems have been fixed in version 0.5.0-3.1+deb7u1.
We recommend that you upgrade your gtk-vnc packages.
NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top