Vulnerabilities (CVE)

Filtered by vendor Gnome Subscribe

Filtered by product Gtk-vnc

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2017-5885	2 Fedoraproject, Gnome	2 Fedora, Gtk-vnc	2018-01-05	7.5 HIGH	9.8 CRITICAL
Multiple integer overflows in the (1) vnc_connection_server_message and (2) vnc_color_map_set functions in gtk-vnc before 0.7.0 allow remote servers to cause a denial of service (crash) or possibly execute arbitrary code via vectors involving SetColorMapEntries, which triggers a buffer overflow.
CVE-2017-1000044	1 Gnome	1 Gtk-vnc	2017-07-19	7.5 HIGH	9.8 CRITICAL
gtk-vnc 0.4.2 and older doesn't check framebuffer boundaries correctly when updating framebuffer which may lead to memory corruption when rendering