Vulnerabilities > Gnome > GTK VNC > Critical

DATE CVE VULNERABILITY TITLE RISK
2017-07-17 CVE-2017-1000044 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Gnome Gtk-Vnc 0.4.2
gtk-vnc 0.4.2 and older doesn't check framebuffer boundaries correctly when updating framebuffer which may lead to memory corruption when rendering
network
low complexity
gnome CWE-119
critical
9.8
2017-02-28 CVE-2017-5885 Integer Overflow or Wraparound vulnerability in multiple products
Multiple integer overflows in the (1) vnc_connection_server_message and (2) vnc_color_map_set functions in gtk-vnc before 0.7.0 allow remote servers to cause a denial of service (crash) or possibly execute arbitrary code via vectors involving SetColorMapEntries, which triggers a buffer overflow.
network
low complexity
fedoraproject gnome CWE-190
critical
9.8