Intrusion Prevention

TightVNC.vncviewer.rfbServerCutText.Handler.Integer.Overflow

Description

This indicates an attack attempt to exploit an Integer Overflow Vulnerability in TightVNC.
A remote attacker could exploit this vulnerability by enticing a target user to connect to a malicious VNC server using TightVNC vncviewer. At the worst case, successful exploitation of this vulnerability may result in execution of arbitrary code under the security context of the user.

Affected Products

TightVNC 1.3.10

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

TightVNC has not released an advisory or patch regarding this vulnerability

CVE References

CVE-2019-15678