VDB
DEBIAN-CVE-2019-15680
DEBIAN-CVE-2019-15680
PUBLISHED
CVSS 7.5 HIGH
TightVNC code version 1.3.10 contains null pointer dereference in HandleZlibBPP function, which results Denial of System (DoS). This attack appear to be exploitable via network connectivity.
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:12 | libvncserver | *, *, 0.9.15+dfsg-4 |
| Debian:14 | libvncserver | 0.9.15+dfsg-3, 0, 0.9.15+dfsg |
| Debian:11 | libvncserver | 0.9.14+dfsg, 0.9.15+dfsg, 0.9.15+dfsg |
| Debian:12 | tightvnc | 0, 0, 0 |
| Debian:13 | libvncserver | *, 0.9.15+dfsg-2, 0.9.15+dfsg-4 |
| Debian:13 | tightvnc | 0, 0, 0 |
| Debian:11 | tightvnc | 0, 0, 0 |
| Debian:14 | tightvnc | 0, 0, 0 |
Timeline
- Oct 29, 2019 CVE Published
- Apr 28, 2026 CVE Updated