{}

{}

{}

{"affected_release": [{"advisory": "RHSA-2020:0913", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "libvncserver-0:0.9.9-14.el7_7", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2020-03-23T00:00:00Z"}, {"advisory": "RHSA-2020:0920", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "libvncserver-0:0.9.11-9.el8_1.2", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2020-03-23T00:00:00Z"}, {"advisory": "RHSA-2020:0921", "cpe": "cpe:/a:redhat:rhel_e4s:8.0", "package": "libvncserver-0:0.9.11-9.el8_0.2", "product_name": "Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions", "release_date": "2020-03-23T00:00:00Z"}], "bugzilla": {"description": "libvncserver: HandleCursorShape() integer overflow resulting in heap-based buffer overflow", "id": "1811948", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1811948"}, "csaw": false, "cvss3": {"cvss3_base_score": "9.8", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-190->CWE-122", "details": ["A flaw was found in libvncserver. An integer overflow within the HandleCursorShape() function can be exploited to cause a heap-based buffer overflow by tricking a user or application using libvncserver to connect to an unstrusted server and subsequently send cursor shapes with specially crafted dimensions. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability."], "mitigation": {"lang": "en:us", "value": "Libvncserver should not be used to connect to untrusted server."}, "name": "CVE-2019-15690", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "libvncserver", "product_name": "Red Hat Enterprise Linux 6"}], "public_date": "2019-12-20T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2019-15690\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-15690"], "threat_severity": "Important"}