What the vulnerability does

01Description

TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow, which occurs in TightDecoder::FilterGradient. Exploitation of this vulnerability could potentially result into remote code execution. This attack appear to be exploitable via network connectivity.

Key dates

02Disclosure timeline

December 26, 2019 CVE published
August 5, 2024 Record updated