CVE-2019-15679

Published Oct 29, 2019

Last updated 4 years ago

Overview

Description
TightVNC code version 1.3.10 contains heap buffer overflow in InitialiseRFBConnection function, which can potentially result code execution. This attack appear to be exploitable via network connectivity.
Source
vulnerability@kaspersky.com
NVD status
Modified

Risk scores

CVSS 3.1

Type
Primary
Base score
9.8
Impact score
5.9
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity
CRITICAL

CVSS 2.0

Type
Primary
Base score
7.5
Impact score
6.4
Exploitability score
10
Vector string
AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov
CWE-787
vulnerability@kaspersky.com
CWE-122

Social media

Hype score
Not currently trending

Configurations