CVE-2019-15680

See a problem?
Source
https://nvd.nist.gov/vuln/detail/CVE-2019-15680
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-15680.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2019-15680
Related
Published
2019-10-29T19:15:18Z
Modified
2024-06-30T13:09:44.144512Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

TightVNC code version 1.3.10 contains null pointer dereference in HandleZlibBPP function, which results Denial of System (DoS). This attack appear to be exploitable via network connectivity.

References

Affected packages

Debian:11 / libvncserver

Package

Name
libvncserver
Purl
pkg:deb/debian/libvncserver?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.9.13+dfsg-2
0.9.13+dfsg-2+deb11u1
0.9.13+dfsg-3
0.9.13+dfsg-4
0.9.13+dfsg-5
0.9.14+dfsg-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:12 / libvncserver

Package

Name
libvncserver
Purl
pkg:deb/debian/libvncserver?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.9.14+dfsg-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:13 / libvncserver

Package

Name
libvncserver
Purl
pkg:deb/debian/libvncserver?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.9.14+dfsg-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:11 / tightvnc

Package

Name
tightvnc
Purl
pkg:deb/debian/tightvnc?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.3.9-9.1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:12 / tightvnc

Package

Name
tightvnc
Purl
pkg:deb/debian/tightvnc?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.3.9-9.1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:13 / tightvnc

Package

Name
tightvnc
Purl
pkg:deb/debian/tightvnc?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.3.9-9.1

Ecosystem specific

{
    "urgency": "unimportant"
}