Back to search
CVE-2017-5885
Published: Feb 28, 2017
Modified: Aug 5, 2024
PUBLISHED
Description
Multiple integer overflows in the (1) vnc_connection_server_message and (2) vnc_color_map_set functions in gtk-vnc before 0.7.0 allow remote servers to cause a denial of service (crash) or possibly execute arbitrary code via vectors involving SetColorMapEntries, which triggers a buffer overflow.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
[oss-security] 20170203 CVE request for two input validation flaws in gtk-vnc
mailing-list
x_refsource_MLIST
96016
vdb-entry
x_refsource_BID
RHSA-2017:2258
vendor-advisory
x_refsource_REDHAT
FEDORA-2017-ab04a91edd
vendor-advisory
x_refsource_FEDORA
[oss-security] 20170204 Re: CVE request for two input validation flaws in gtk-vnc
mailing-list
x_refsource_MLIST
https://bugzilla.gnome.org/show_bug.cgi?id=778050
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now