CVE-2019-15691

HIGH

Tigervnc < 1.10.1 - Remote Code Execution

Title source: rule

Description

TigerVNC version prior to 1.10.1 is vulnerable to stack use-after-return, which occurs due to incorrect usage of stack memory in ZRLEDecoder. If decoding routine would throw an exception, ZRLEDecoder may try to access stack variable, which has been already freed during the process of stack unwinding. Exploitation of this vulnerability could potentially result into remote code execution. This attack appear to be exploitable via network connectivity.

References (4)

[Patch, Third Party Advisory] https://github.com/CendioOssman/tigervnc/commit/d61a767d6842b530ffb532ddd5a3d233119aad40

View Patch ZIP pw:eip

[Release Notes, Third Party Advisory] https://github.com/TigerVNC/tigervnc/releases/tag/v1.10.1

[Exploit, Mailing List, Third Party Advisory] https://www.openwall.com/lists/oss-security/2019/12/20/2

[Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00039.html

Scores

CVSS v3 7.2

EPSS 0.0368

EPSS Percentile 88.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-825 CWE-672

Status published

Products (2)

opensuse/leap 15.1

tigervnc/tigervnc < 1.10.1

Published Dec 26, 2019

Tracked Since Feb 18, 2026