CVE-2019-15683

TurboVNC server code contains stack buffer overflow vulnerability in commit prior to cea98166008301e614e0d36776bf9435a536136e. This could possibly result into remote code execution, since stack frame is not protected with stack canary. This attack appear to be exploitable via network connectivity. To exploit this vulnerability authorization on server is required. These issues have been fixed in commit cea98166008301e614e0d36776bf9435a536136e.

CVSS v3 9.8 CRITICAL
CVSS v2.0 7.5 HIGH

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
https://github.com/TurboVNC/turbovnc/commit/cea98166008301e614e0d36776bf9435a536136e	Patch Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:turbovnc:turbovnc:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2019-10-29 19:15

Updated : 2023-12-10 13:13

NVD link : CVE-2019-15683

Mitre link : CVE-2019-15683

CVE.ORG link : CVE-2019-15683

JSON object : View

Products Affected

turbovnc

turbovnc

CWE

CWE-787

Out-of-bounds Write

CWE-121

Stack-based Buffer Overflow

{"id": "CVE-2019-15683", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2019-10-29T19:15:18.203", "references": [{"url": "https://github.com/TurboVNC/turbovnc/commit/cea98166008301e614e0d36776bf9435a536136e", "tags": ["Patch", "Third Party Advisory"], "source": "vulnerability@kaspersky.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-787"}]}, {"type": "Secondary", "source": "vulnerability@kaspersky.com", "description": [{"lang": "en", "value": "CWE-121"}]}], "descriptions": [{"lang": "en", "value": "TurboVNC server code contains stack buffer overflow vulnerability in commit prior to cea98166008301e614e0d36776bf9435a536136e. This could possibly result into remote code execution, since stack frame is not protected with stack canary. This attack appear to be exploitable via network connectivity. To exploit this vulnerability authorization on server is required. These issues have been fixed in commit cea98166008301e614e0d36776bf9435a536136e."}, {"lang": "es", "value": "El c\u00f3digo del servidor TurboVNC contiene una vulnerabilidad de desbordamiento del b\u00fafer de la pila en el commit anterior a cea98166008301e614e0d36776bf9435a536136e. Esto podr\u00eda resultar en la ejecuci\u00f3n de c\u00f3digo remota, ya que la trama de la pila no est\u00e1 protegida con una pila canary. Este ataque parece ser explotable por medio de la conectividad de la red. Para explotar esta vulnerabilidad es requerida una autorizaci\u00f3n en el servidor. Estos problemas han sido solucionados en el commit cea98166008301e614e0d36776bf9435a536136e."}], "lastModified": "2019-11-05T16:46:51.467", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:turbovnc:turbovnc:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C369DEF2-15BE-46B1-A0A1-79C073B81192", "versionEndExcluding": "2.2.3"}], "operator": "OR"}]}], "sourceIdentifier": "vulnerability@kaspersky.com"}