In mprivacy-tools before 2.0.406g in m-privacy TightGate-Pro Server, a Directory Traversal in the print function of the VNC service allows authenticated attackers (with access to a VNC session) to automatically transfer malicious PDF documents by moving them into the .spool directory, and then sending a signal to the VNC service, which automatically transfers them to the connected VNC client's filesystem.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2023-11-22T00:00:00
Updated: 2024-08-02T21:09:35.925Z
Reserved: 2023-11-04T00:00:00
Link: CVE-2023-47251
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-11-22T18:15:08.930
Modified: 2023-11-30T20:49:57.593
Link: CVE-2023-47251
Redhat
No data.