CVE-2019-15692

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2019-15692
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-15692.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2019-15692
Downstream
Related
Published
2019-12-26T15:15:11.147Z
Modified
2025-12-11T01:58:50.331846Z
Severity
  • 7.2 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow. Vulnerability could be triggered from CopyRectDecoder due to incorrect value checks. Exploitation of this vulnerability could potentially result into remote code execution. This attack appear to be exploitable via network connectivity.

References

Affected packages

Git / github.com/cendioossman/tigervnc

Affected ranges

Type
GIT
Repo
https://github.com/cendioossman/tigervnc
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
996356b6c65ca165ee1ea46a571c32a1dc3c3821

Affected versions

v0.*

v0.0.90

v1.*

v1.1.90

Database specific

vanir_signatures

[
    {
        "signature_version": "v1",
        "source": "https://github.com/cendioossman/tigervnc/commit/996356b6c65ca165ee1ea46a571c32a1dc3c3821",
        "deprecated": false,
        "target": {
            "file": "common/rfb/PixelBuffer.cxx",
            "function": "FullFramePixelBuffer::setBuffer"
        },
        "id": "CVE-2019-15692-5e3ac25c",
        "digest": {
            "function_hash": "137663250478881754422468393661624500259",
            "length": 188.0
        },
        "signature_type": "Function"
    },
    {
        "signature_version": "v1",
        "source": "https://github.com/cendioossman/tigervnc/commit/996356b6c65ca165ee1ea46a571c32a1dc3c3821",
        "deprecated": false,
        "target": {
            "file": "common/rfb/PixelBuffer.cxx",
            "function": "PixelBuffer::setSize"
        },
        "id": "CVE-2019-15692-68bcb23a",
        "digest": {
            "function_hash": "314322362212804435999773152376304328589",
            "length": 97.0
        },
        "signature_type": "Function"
    },
    {
        "signature_version": "v1",
        "source": "https://github.com/cendioossman/tigervnc/commit/996356b6c65ca165ee1ea46a571c32a1dc3c3821",
        "deprecated": false,
        "target": {
            "file": "common/rfb/PixelBuffer.cxx"
        },
        "id": "CVE-2019-15692-7dd42b61",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "168996672940369909676115174818288778088",
                "13900705579432613094098652131674056094",
                "108420105531892965375792441098246925094",
                "285809962758851172979569908944258732998",
                "78043888707781922736952559322924824672",
                "81365129688946810061282529014797843602",
                "174485395056516859412971562483711709132",
                "83195346651603593710178310374587794493",
                "70857029825018839529435537888291655195",
                "24470555368808820631825685207351685863",
                "132540213983604438509553248019119597545"
            ]
        },
        "signature_type": "Line"
    }
]

Git / github.com/tigervnc/tigervnc

Affected ranges

Type
GIT
Repo
https://github.com/tigervnc/tigervnc
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
4739493b635372bd40a34640a719f79fa90e4dba

Affected versions

v0.*

v0.0.90

v1.*

v1.1.90
v1.10.0
v1.9.90