CVE-2019-15678

Published: 29 October 2019

TightVNC code version 1.3.10 contains heap buffer overflow in rfbServerCutText handler, which can potentially result code execution.. This attack appear to be exploitable via network connectivity.

From the Ubuntu Security Team

Pavel Cheremushkin discovered that TightVNC contains a heap buffer overflow vulnerability. An attacker could use it to cause a Denial of Service or possible a remote code execution.

Notes

Author	Note
mdeslaur	this CVE is for tightvnc, the equivalent flaw was CVE-2018-20019 in libvncserver

Priority

Cvss 3 Severity Score

9.8

Score breakdown

Status

Package	Release	Status
bochs Launchpad, Ubuntu, Debian	bionic	Needs triage
	disco	Ignored (end of life)
	eoan	Ignored (end of life)
	focal	Needs triage
	trusty	Does not exist
	upstream	Needs triage
	xenial	Needs triage
	hirsute	Ignored (end of life)
	groovy	Ignored (end of life)
	kinetic	Ignored (end of life, was needs-triage)
	jammy	Needs triage
	impish	Ignored (end of life)
	lunar	Needs triage
	mantic	Needs triage
directvnc Launchpad, Ubuntu, Debian	bionic	Needs triage
	disco	Ignored (end of life)
	eoan	Ignored (end of life)
	focal	Needs triage
	trusty	Does not exist
	upstream	Needs triage
	hirsute	Ignored (end of life)
	groovy	Ignored (end of life)
	kinetic	Ignored (end of life, was needs-triage)
	xenial	Needs triage
	jammy	Needs triage
	impish	Ignored (end of life)
	lunar	Needs triage
	mantic	Needs triage
libvncserver Launchpad, Ubuntu, Debian	bionic	Not vulnerable
	disco	Not vulnerable
	eoan	Not vulnerable
	focal	Not vulnerable
	trusty	Does not exist
	upstream	Needs triage
	xenial	Not vulnerable
	impish	Not vulnerable
	groovy	Not vulnerable
	hirsute	Not vulnerable
	jammy	Not vulnerable
	kinetic	Not vulnerable
	lunar	Not vulnerable
	mantic	Not vulnerable
ssvnc Launchpad, Ubuntu, Debian	bionic	Needs triage
	disco	Ignored (end of life)
	eoan	Ignored (end of life)
	focal	Needs triage
	trusty	Does not exist
	upstream	Needs triage
	hirsute	Ignored (end of life)
	groovy	Ignored (end of life)
	kinetic	Ignored (end of life, was needs-triage)
	xenial	Needs triage
	jammy	Needs triage
	impish	Ignored (end of life)
	lunar	Needs triage
	mantic	Needs triage
tightvnc Launchpad, Ubuntu, Debian	trusty	Released (1.3.9-6.5+deb8u1build0.14.04.1~esm1) Available with Ubuntu Pro or Ubuntu Pro (Infra-only)
	bionic	Needs triage
	disco	Ignored (end of life)
	eoan	Ignored (end of life)
	focal	Needs triage
	upstream	Needs triage
	hirsute	Ignored (end of life)
	groovy	Ignored (end of life)
	kinetic	Ignored (end of life, was needs-triage)
	xenial	Needs triage
	jammy	Needs triage
	impish	Ignored (end of life)
	lunar	Needs triage
	mantic	Needs triage
vino Launchpad, Ubuntu, Debian	bionic	Not vulnerable (code not present)
	impish	Not vulnerable (code not present)
	groovy	Not vulnerable (code not present)
	hirsute	Not vulnerable (code not present)
	jammy	Not vulnerable (code not present)
	kinetic	Not vulnerable (code not present)
	lunar	Not vulnerable (code not present)
	disco	Not vulnerable (code not present)
	eoan	Not vulnerable (code not present)
	focal	Not vulnerable (code not present)
	trusty	Does not exist
	upstream	Needs triage
	xenial	Not vulnerable (code not present)
	mantic	Not vulnerable (code not present)
veyon Launchpad, Ubuntu, Debian	bionic	Does not exist
	disco	Ignored (end of life)
	eoan	Ignored (end of life)
	focal	Needs triage
	trusty	Does not exist
	upstream	Needs triage
	xenial	Does not exist
	hirsute	Ignored (end of life)
	groovy	Ignored (end of life)
	kinetic	Ignored (end of life, was needs-triage)
	jammy	Needs triage
	impish	Ignored (end of life)
	lunar	Needs triage
	mantic	Needs triage
vlc Launchpad, Ubuntu, Debian	hirsute	Ignored (end of life)
	groovy	Ignored (end of life)
	kinetic	Ignored (end of life, was needs-triage)
	xenial	Needs triage
	jammy	Needs triage
	impish	Ignored (end of life)
	trusty	Ignored (end of standard support)
	lunar	Needs triage
	bionic	Needs triage
	disco	Ignored (end of life)
	eoan	Ignored (end of life)
	focal	Needs triage
	upstream	Needs triage
	mantic	Needs triage
vncsnapshot Launchpad, Ubuntu, Debian	hirsute	Ignored (end of life)
	groovy	Ignored (end of life)
	kinetic	Ignored (end of life, was needs-triage)
	xenial	Needs triage
	jammy	Needs triage
	impish	Ignored (end of life)
	lunar	Needs triage
	bionic	Needs triage
	disco	Ignored (end of life)
	eoan	Ignored (end of life)
	focal	Needs triage
	trusty	Does not exist
	upstream	Needs triage
	mantic	Needs triage
x11vnc Launchpad, Ubuntu, Debian	hirsute	Ignored (end of life)
	groovy	Ignored (end of life)
	kinetic	Ignored (end of life, was needs-triage)
	xenial	Needs triage
	jammy	Needs triage
	impish	Ignored (end of life)
	lunar	Needs triage
	bionic	Needs triage
	disco	Ignored (end of life)
	eoan	Ignored (end of life)
	focal	Needs triage
	trusty	Needs triage
	upstream	Needs triage
	mantic	Needs triage
x2vnc Launchpad, Ubuntu, Debian	hirsute	Ignored (end of life)
	groovy	Ignored (end of life)
	kinetic	Ignored (end of life, was needs-triage)
	xenial	Needs triage
	jammy	Needs triage
	impish	Ignored (end of life)
	lunar	Needs triage
	bionic	Needs triage
	disco	Ignored (end of life)
	eoan	Ignored (end of life)
	focal	Needs triage
	trusty	Does not exist
	upstream	Needs triage
	mantic	Needs triage

Severity score breakdown

Parameter	Value
Base score	9.8
Attack vector	Network
Attack complexity	Low
Privileges required	None
User interaction	None
Scope	Unchanged
Confidentiality	High
Integrity impact	High
Availability impact	High
Vector	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›