Fluid Attacks Database

Description

XRegion in TigerVNC allows remote VNC servers to cause a denial of service (NULL pointer dereference) by leveraging failure to check a malloc return value, a similar issue to CVE-2014-6052.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 13	tigervnc	>=0 <1.7.0-2	1.7.0-2
debian 12	tigervnc	>=0 <1.7.0-2	1.7.0-2
debian 14	tigervnc	>=0 <1.7.0-2	1.7.0-2
debian 11	tigervnc	>=0 <1.7.0-2	1.7.0-2
rpm rhel5	vnc	-	-
rpm rhel6	tigervnc	-	-
rpm rhel7	tigervnc	<0:1.3.1-3.el7	0:1.3.1-3.el7

Aliases

1. CVE-2014-82412. NVD-2014-82413. OSV-DEBIAN-2014-82414. OSV-2014-82415. SECURITY-TRACKER-CVE-2014-8241

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.