VYPR

rpm package

suse/gtk-vnc&distro=SUSE Linux Enterprise Server 12 SP4-LTSS

pkg:rpm/suse/gtk-vnc&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-LTSS

Vulnerabilities (2)

  • CVE-2017-5885CriFeb 28, 2017
    affected < 0.6.0-11.3.1fixed 0.6.0-11.3.1

    Multiple integer overflows in the (1) vnc_connection_server_message and (2) vnc_color_map_set functions in gtk-vnc before 0.7.0 allow remote servers to cause a denial of service (crash) or possibly execute arbitrary code via vectors involving SetColorMapEntries, which triggers a

  • CVE-2017-5884HigFeb 28, 2017
    affected < 0.6.0-11.3.1fixed 0.6.0-11.3.1

    gtk-vnc before 0.7.0 does not properly check boundaries of subrectangle-containing tiles, which allows remote servers to execute arbitrary code via the src x, y coordinates in a crafted (1) rre, (2) hextile, or (3) copyrect tile.