{"containers": {"cna": {"affected": [{"product": "TightVNC", "vendor": "Kaspersky", "versions": [{"status": "affected", "version": "1.3.10"}]}], "descriptions": [{"lang": "en", "value": "TightVNC code version 1.3.10 contains null pointer dereference in HandleZlibBPP function, which results Denial of System (DoS). This attack appear to be exploitable via network connectivity."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-476", "description": "CWE-476: NULL Pointer Dereference", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-12-09T16:19:04", "orgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988", "shortName": "Kaspersky"}, "references": [{"name": "[oss-security] 20181210 libvnc and tightvnc vulnerabilities", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://www.openwall.com/lists/oss-security/2018/12/10/5"}, {"name": "[debian-lts-announce] 20191221 [SECURITY] [DLA 2045-1] tightvnc security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2019/12/msg00028.html"}, {"name": "USN-4407-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/4407-1/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-478893.pdf"}, {"tags": ["x_refsource_MISC"], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-343-08"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "vulnerability@kaspersky.com", "ID": "CVE-2019-15680", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "TightVNC", "version": {"version_data": [{"version_value": "1.3.10"}]}}]}, "vendor_name": "Kaspersky"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "TightVNC code version 1.3.10 contains null pointer dereference in HandleZlibBPP function, which results Denial of System (DoS). This attack appear to be exploitable via network connectivity."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-476: NULL Pointer Dereference"}]}]}, "references": {"reference_data": [{"name": "[oss-security] 20181210 libvnc and tightvnc vulnerabilities", "refsource": "MLIST", "url": "https://www.openwall.com/lists/oss-security/2018/12/10/5"}, {"name": "[debian-lts-announce] 20191221 [SECURITY] [DLA 2045-1] tightvnc security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2019/12/msg00028.html"}, {"name": "USN-4407-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4407-1/"}, {"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-478893.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-478893.pdf"}, {"name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-343-08", "refsource": "MISC", "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-343-08"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T00:56:22.088Z"}, "title": "CVE Program Container", "references": [{"name": "[oss-security] 20181210 libvnc and tightvnc vulnerabilities", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://www.openwall.com/lists/oss-security/2018/12/10/5"}, {"name": "[debian-lts-announce] 20191221 [SECURITY] [DLA 2045-1] tightvnc security update", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2019/12/msg00028.html"}, {"name": "USN-4407-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/4407-1/"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-478893.pdf"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-343-08"}]}]}, "cveMetadata": {"assignerOrgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988", "assignerShortName": "Kaspersky", "cveId": "CVE-2019-15680", "datePublished": "2019-10-29T16:45:52", "dateReserved": "2019-08-27T00:00:00", "dateUpdated": "2024-08-05T00:56:22.088Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:tightvnc:tightvnc:1.3.10:*:*:*:*:*:*:*", "matchCriteriaId": "37E2BF43-0B3B-4BDD-B145-62E7333F4A93", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "TightVNC code version 1.3.10 contains null pointer dereference in HandleZlibBPP function, which results Denial of System (DoS). This attack appear to be exploitable via network connectivity."}, {"lang": "es", "value": "El c\u00f3digo de TightVNC versi\u00f3n 1.3.10, contiene una desreferencia del puntero null en la funci\u00f3n HandleZlibBPP, lo que resulta en una Denegaci\u00f3n del Sistema (DoS). Este ataque parece ser explotable por medio de la conectividad de red."}], "id": "CVE-2019-15680", "lastModified": "2024-11-21T04:29:14.937", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-10-29T19:15:18.033", "references": [{"source": "vulnerability@kaspersky.com", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-478893.pdf"}, {"source": "vulnerability@kaspersky.com", "url": "https://lists.debian.org/debian-lts-announce/2019/12/msg00028.html"}, {"source": "vulnerability@kaspersky.com", "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-343-08"}, {"source": "vulnerability@kaspersky.com", "url": "https://usn.ubuntu.com/4407-1/"}, {"source": "vulnerability@kaspersky.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://www.openwall.com/lists/oss-security/2018/12/10/5"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-478893.pdf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2019/12/msg00028.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-343-08"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/4407-1/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://www.openwall.com/lists/oss-security/2018/12/10/5"}], "sourceIdentifier": "vulnerability@kaspersky.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "vulnerability@kaspersky.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-476"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}