Vulnerability Details : CVE-2017-5581
Buffer overflow in the ModifiablePixelBuffer::fillRect function in TigerVNC before 1.7.1 allows remote servers to execute arbitrary code via an RRE message with subrectangle outside framebuffer boundaries.
Vulnerability category: OverflowExecute code
Products affected by CVE-2017-5581
- cpe:2.3:a:tigervnc:tigervnc:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2017-5581
1.07%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 82 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2017-5581
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
8.6
|
6.4
|
NIST | |
9.8
|
CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST |
CWE ids for CVE-2017-5581
-
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Assigned by: nvd@nist.gov (Primary)
References for CVE-2017-5581
-
https://github.com/TigerVNC/tigervnc/releases/tag/v1.7.1
Release TigerVNC 1.7.1 · TigerVNC/tigervnc · GitHubRelease Notes;Third Party Advisory
-
https://access.redhat.com/errata/RHSA-2017:2000
RHSA-2017:2000 - Security Advisory - Red Hat Customer Portal
-
http://www.openwall.com/lists/oss-security/2017/01/25/6
oss-security - Re: [tigervnc-announce] TigerVNC 1.7.1Mailing List;Patch;Third Party Advisory
-
https://github.com/TigerVNC/tigervnc/commit/18c020124ff1b2441f714da2017f63dba50720ba
Fix buffer overflow in ModifiablePixelBuffer::fillRect. · TigerVNC/tigervnc@18c0201 · GitHubPatch;Third Party Advisory
-
https://github.com/TigerVNC/tigervnc/pull/399
Fix buffer overflow in ModifiablePixelBuffer::fillRect. by michalsrb · Pull Request #399 · TigerVNC/tigervnc · GitHubPatch;Third Party Advisory
-
http://www.openwall.com/lists/oss-security/2017/01/22/1
oss-security - Re: [tigervnc-announce] TigerVNC 1.7.1Mailing List;Patch;Third Party Advisory
-
http://rhn.redhat.com/errata/RHSA-2017-0630.html
RHSA-2017:0630 - Security Advisory - Red Hat Customer Portal
-
http://www.securityfocus.com/bid/95789
TigerVNC CVE-2017-5581 Buffer Overflow VulnerabilityThird Party Advisory;VDB Entry
-
https://security.gentoo.org/glsa/201702-19
TigerVNC: Buffer overflow (GLSA 201702-19) — Gentoo security
Jump to