Vulnerability Details : CVE-2016-10207
The Xvnc server in TigerVNC allows remote attackers to cause a denial of service (invalid memory access and crash) by terminating a TLS handshake early.
Vulnerability category: OverflowDenial of service
Products affected by CVE-2016-10207
- cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*
- cpe:2.3:a:tigervnc:tigervnc:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:tigervnc:tigervnc:1.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:tigervnc:tigervnc:0.0.90:*:*:*:*:*:*:*
- cpe:2.3:a:tigervnc:tigervnc:0.0.91:*:*:*:*:*:*:*
- cpe:2.3:a:tigervnc:tigervnc:1.7:*:*:*:*:*:*:*
- cpe:2.3:a:tigervnc:tigervnc:1.3:*:*:*:*:*:*:*
- cpe:2.3:a:tigervnc:tigervnc:1.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:tigervnc:tigervnc:1.0:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-10207
0.65%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 79 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2016-10207
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
10.0
|
2.9
|
NIST | |
7.5
|
HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.9
|
3.6
|
NIST |
CWE ids for CVE-2016-10207
-
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-10207
-
https://security.gentoo.org/glsa/201801-13
TigerVNC: Multiple vulnerabilities (GLSA 201801-13) — Gentoo securityThird Party Advisory
-
https://access.redhat.com/errata/RHSA-2017:2000
RHSA-2017:2000 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://github.com/TigerVNC/tigervnc/commit/8aa4bc53206c2430bbf0c8f4b642f59a379ee649
Proper global init/deinit of GnuTLS · TigerVNC/tigervnc@8aa4bc5 · GitHubPatch
-
http://www.securityfocus.com/bid/96012
TigerVNC CVE-2016-10207 Denial of Service VulnerabilityThird Party Advisory;VDB Entry
-
https://bugzilla.suse.com/show_bug.cgi?id=1023012
Bug 1023012 – VUL-0: CVE-2016-10207: tigervnc: crash when TLS handshake terminates earlyExploit;Issue Tracking;Third Party Advisory;VDB Entry
-
http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00020.html
[security-announce] openSUSE-SU-2017:0444-1: important: Security updatePatch;Third Party Advisory
-
http://rhn.redhat.com/errata/RHSA-2017-0630.html
RHSA-2017:0630 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
http://www.openwall.com/lists/oss-security/2017/02/02/22
oss-security - CVE request tigervnc: vnc server can crash when TLS handshake terminates earlyMailing List;Third Party Advisory
-
http://www.openwall.com/lists/oss-security/2017/02/05/2
oss-security - Re: CVE request tigervnc: vnc server can crash when TLS handshake terminates earlyExploit;Mailing List;Third Party Advisory
Jump to