CVE-2019-15695 — HIGH (7.2)

Q: How severe is CVE-2019-15695?

CVE-2019-15695 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2019-15695?

Check the references section above for vendor advisories and patch information. Affected products include: Tigervnc Tigervnc, Opensuse Leap.

Vulnerability Description

TigerVNC version prior to 1.10.1 is vulnerable to stack buffer overflow, which could be triggered from CMsgReader::readSetCursor. This vulnerability occurs due to insufficient sanitization of PixelFormat. Since remote attacker can choose offset from start of the buffer to start writing his values, exploitation of this vulnerability could potentially result into remote code execution. This attack appear to be exploitable via network connectivity.

CVSS Score

7.2

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Tigervnc	Tigervnc	< 1.10.1
Opensuse	Leap	15.1

Related Weaknesses (CWE)

CWE-754 CWE-121 CWE-787

References

http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00039.htmlMailing ListThird Party Advisory
https://github.com/CendioOssman/tigervnc/commit/05e28490873a861379c943bf616614b7PatchThird Party Advisory
https://github.com/TigerVNC/tigervnc/releases/tag/v1.10.1PatchThird Party Advisory
https://www.openwall.com/lists/oss-security/2019/12/20/2ExploitMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00039.htmlMailing ListThird Party Advisory
https://github.com/CendioOssman/tigervnc/commit/05e28490873a861379c943bf616614b7PatchThird Party Advisory
https://github.com/TigerVNC/tigervnc/releases/tag/v1.10.1PatchThird Party Advisory
https://www.openwall.com/lists/oss-security/2019/12/20/2ExploitMailing ListThird Party Advisory

FAQ

What is CVE-2019-15695?

CVE-2019-15695 is a vulnerability with a CVSS score of 7.2 (HIGH). TigerVNC version prior to 1.10.1 is vulnerable to stack buffer overflow, which could be triggered from CMsgReader::readSetCursor. This vulnerability occurs due to insufficient sanitization of PixelFor...

How severe is CVE-2019-15695?

CVE-2019-15695 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2019-15695?

Check the references section above for vendor advisories and patch information. Affected products include: Tigervnc Tigervnc, Opensuse Leap.