VYPR

rpm package

suse/gtk-vnc&distro=SUSE OpenStack Cloud 9

pkg:rpm/suse/gtk-vnc&distro=SUSE%20OpenStack%20Cloud%209

Vulnerabilities (2)

  • CVE-2017-5885CriFeb 28, 2017
    affected < 0.6.0-11.3.1fixed 0.6.0-11.3.1

    Multiple integer overflows in the (1) vnc_connection_server_message and (2) vnc_color_map_set functions in gtk-vnc before 0.7.0 allow remote servers to cause a denial of service (crash) or possibly execute arbitrary code via vectors involving SetColorMapEntries, which triggers a

  • CVE-2017-5884HigFeb 28, 2017
    affected < 0.6.0-11.3.1fixed 0.6.0-11.3.1

    gtk-vnc before 0.7.0 does not properly check boundaries of subrectangle-containing tiles, which allows remote servers to execute arbitrary code via the src x, y coordinates in a crafted (1) rre, (2) hextile, or (3) copyrect tile.