CVE-2019-8287

Severity CVSS v4.0:
Pending analysis
Type:
CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Publication date:
29/10/2019
Last modified:
09/12/2020

Description

TightVNC code version 1.3.10 contains global buffer overflow in HandleCoRREBBP macro function, which can potentially result code execution. This attack appear to be exploitable via network connectivity.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:tightvnc:tightvnc:1.3.10:*:*:*:*:*:*:*