CVE-2016-10207
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2016-10207
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-10207.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2016-10207
- Downstream
- Related
- Published
- 2017-02-28T18:59:00Z
- Modified
- 2025-10-15T07:59:53.254208Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
The Xvnc server in TigerVNC allows remote attackers to cause a denial of service (invalid memory access and crash) by terminating a TLS handshake early.
- References
-
- http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00020.html
- http://rhn.redhat.com/errata/RHSA-2017-0630.html
- http://www.openwall.com/lists/oss-security/2017/02/02/22
- http://www.openwall.com/lists/oss-security/2017/02/05/2
- http://www.securityfocus.com/bid/96012
- https://access.redhat.com/errata/RHSA-2017:2000
- https://bugzilla.suse.com/show_bug.cgi?id=1023012
- https://security.gentoo.org/glsa/201801-13
- https://github.com/TigerVNC/tigervnc/commit/8aa4bc53206c2430bbf0c8f4b642f59a379ee649
Affected packages
Git / github.com/tigervnc/tigervnc
Affected ranges
- Type
- GIT
- Repo
- https://github.com/tigervnc/tigervnc
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Database specific
vanir_signatures
[
{
"digest": {
"length": 112.0,
"function_hash": "171867086992537050808562595137253451655"
},
"signature_type": "Function",
"target": {
"function": "CSecurityTLS::initGlobal",
"file": "common/rfb/CSecurityTLS.cxx"
},
"deprecated": false,
"source": "https://github.com/tigervnc/tigervnc/commit/8aa4bc53206c2430bbf0c8f4b642f59a379ee649",
"signature_version": "v1",
"id": "CVE-2016-10207-19611f48"
},
{
"digest": {
"length": 189.0,
"function_hash": "143615938699941660139493935875896267695"
},
"signature_type": "Function",
"target": {
"function": "CSecurityTLS::CSecurityTLS",
"file": "common/rfb/CSecurityTLS.cxx"
},
"deprecated": false,
"source": "https://github.com/tigervnc/tigervnc/commit/8aa4bc53206c2430bbf0c8f4b642f59a379ee649",
"signature_version": "v1",
"id": "CVE-2016-10207-1b379b22"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"18038378363255758733124619104247325849",
"251789473859832987350983471159726478597",
"187149226009871635531125653946408732641",
"310098626382540940586880226780753074325"
]
},
"signature_type": "Line",
"target": {
"file": "common/rfb/SSecurityTLS.h"
},
"deprecated": false,
"source": "https://github.com/tigervnc/tigervnc/commit/8aa4bc53206c2430bbf0c8f4b642f59a379ee649",
"signature_version": "v1",
"id": "CVE-2016-10207-23a25e13"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"47016184762402665857211013828980134991",
"14739059022928281629603962410197672249",
"208097829515035696357918195974998350609",
"338116531157165907600469032379701805630",
"37258264188890863132684076322155099040",
"52665784292041773367884480125743972260",
"147547290665143315137563678094527136411",
"68253324569338186983971426008193033349",
"244019251302256360475137847004404711823",
"73153392213903399666342650987166113190",
"537444984450678251410319115038972606",
"269384273939096516951544083306825059971",
"264021678332221031211448042614440106637",
"283303869134818960039189928381311889685",
"54225545078346727288047382855927900578",
"188785537941265466102941914085768974094",
"231609148711906973653376425934480896995",
"274272315895096938904869381851070518319",
"281753366370543222979483522174296020155",
"243669231770402971657285371272569472738",
"137750489719825901934531685332974466390",
"202929948661104588736386395876585378407",
"151801706208557417360971226436456180816",
"50591871270069884478366366343493057637",
"4168415576508965186549708327414039604",
"102308367761105190088601533977909938436",
"140948179231360278803700214089759666477",
"138362674026882671116716682473606388041"
]
},
"signature_type": "Line",
"target": {
"file": "common/rfb/CSecurityTLS.cxx"
},
"deprecated": false,
"source": "https://github.com/tigervnc/tigervnc/commit/8aa4bc53206c2430bbf0c8f4b642f59a379ee649",
"signature_version": "v1",
"id": "CVE-2016-10207-3d849f54"
},
{
"digest": {
"length": 239.0,
"function_hash": "117921951294049063762736889756442498675"
},
"signature_type": "Function",
"target": {
"function": "SSecurityTLS::SSecurityTLS",
"file": "common/rfb/SSecurityTLS.cxx"
},
"deprecated": false,
"source": "https://github.com/tigervnc/tigervnc/commit/8aa4bc53206c2430bbf0c8f4b642f59a379ee649",
"signature_version": "v1",
"id": "CVE-2016-10207-3f44d24c"
},
{
"digest": {
"length": 1185.0,
"function_hash": "91009934028345850828962024523836544592"
},
"signature_type": "Function",
"target": {
"function": "CSecurityTLS::processMsg",
"file": "common/rfb/CSecurityTLS.cxx"
},
"deprecated": false,
"source": "https://github.com/tigervnc/tigervnc/commit/8aa4bc53206c2430bbf0c8f4b642f59a379ee649",
"signature_version": "v1",
"id": "CVE-2016-10207-4cddd397"
},
{
"digest": {
"length": 375.0,
"function_hash": "47527870632323908057787090714443928005"
},
"signature_type": "Function",
"target": {
"function": "CSecurityTLS::shutdown",
"file": "common/rfb/CSecurityTLS.cxx"
},
"deprecated": false,
"source": "https://github.com/tigervnc/tigervnc/commit/8aa4bc53206c2430bbf0c8f4b642f59a379ee649",
"signature_version": "v1",
"id": "CVE-2016-10207-541e8dc7"
},
{
"digest": {
"length": 1122.0,
"function_hash": "110008714942387404494197341932370714899"
},
"signature_type": "Function",
"target": {
"function": "SSecurityTLS::processMsg",
"file": "common/rfb/SSecurityTLS.cxx"
},
"deprecated": false,
"source": "https://github.com/tigervnc/tigervnc/commit/8aa4bc53206c2430bbf0c8f4b642f59a379ee649",
"signature_version": "v1",
"id": "CVE-2016-10207-5ac842f3"
},
{
"digest": {
"length": 146.0,
"function_hash": "143103637450376446994539111979407402166"
},
"signature_type": "Function",
"target": {
"function": "CSecurityTLS::~CSecurityTLS",
"file": "common/rfb/CSecurityTLS.cxx"
},
"deprecated": false,
"source": "https://github.com/tigervnc/tigervnc/commit/8aa4bc53206c2430bbf0c8f4b642f59a379ee649",
"signature_version": "v1",
"id": "CVE-2016-10207-6b8e434e"
},
{
"digest": {
"length": 447.0,
"function_hash": "328804183454485325181308051578677981116"
},
"signature_type": "Function",
"target": {
"function": "SSecurityTLS::shutdown",
"file": "common/rfb/SSecurityTLS.cxx"
},
"deprecated": false,
"source": "https://github.com/tigervnc/tigervnc/commit/8aa4bc53206c2430bbf0c8f4b642f59a379ee649",
"signature_version": "v1",
"id": "CVE-2016-10207-7868ced7"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"18384268377593114276624972311292748448",
"324508896151555071258731921665183098181",
"183648548515803175305686827365835116866",
"266066711548734101390444500312153530786"
]
},
"signature_type": "Line",
"target": {
"file": "common/rfb/CSecurityTLS.h"
},
"deprecated": false,
"source": "https://github.com/tigervnc/tigervnc/commit/8aa4bc53206c2430bbf0c8f4b642f59a379ee649",
"signature_version": "v1",
"id": "CVE-2016-10207-8281f664"
},
{
"digest": {
"length": 143.0,
"function_hash": "278599526013551087084286747111909968480"
},
"signature_type": "Function",
"target": {
"function": "SSecurityTLS::~SSecurityTLS",
"file": "common/rfb/SSecurityTLS.cxx"
},
"deprecated": false,
"source": "https://github.com/tigervnc/tigervnc/commit/8aa4bc53206c2430bbf0c8f4b642f59a379ee649",
"signature_version": "v1",
"id": "CVE-2016-10207-88a33fda"
},
{
"digest": {
"length": 186.0,
"function_hash": "178838927178404697536611136134124885315"
},
"signature_type": "Function",
"target": {
"function": "SSecurityTLS::initGlobal",
"file": "common/rfb/SSecurityTLS.cxx"
},
"deprecated": false,
"source": "https://github.com/tigervnc/tigervnc/commit/8aa4bc53206c2430bbf0c8f4b642f59a379ee649",
"signature_version": "v1",
"id": "CVE-2016-10207-c556e9b5"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"193366379201603514282967251791993757511",
"162449171171199331837689809403399138281",
"105694737345544347405731606953014521492",
"141592114001221053304789259914304269634",
"320035609919290039387174728535728075335",
"42402890074968989902183544643906054382",
"277190617946176371650077840996346359009",
"75477022446268391367044340044873005902",
"96735996688712332269542259469881590003",
"249915921519708121806658719044725650344",
"244015502702182887407727905749731780371",
"207730539695194737891978326304900769682",
"42608522899225028876781122031175164511",
"225341055472229949499622099938992518614",
"203053296191004842925884098470326697210",
"161731140184750727894245822418978686615",
"115818982889238420764950013804723890382",
"322499732133479933428818386095300957194",
"231609148711906973653376425934480896995",
"274272315895096938904869381851070518319",
"281753366370543222979483522174296020155",
"98083892520746183583372896168608846671",
"332543445791733147059889352361899803056",
"289232855498334505422957878127380518575",
"147655543382129523822566660997759854188",
"295691885390649557064153052314859365691",
"78143404245315234934020045265503468514",
"201023837592470264050101834780845905847",
"80003818200454989915250678776661792402",
"287763079786402743856649510257450450595"
]
},
"signature_type": "Line",
"target": {
"file": "common/rfb/SSecurityTLS.cxx"
},
"deprecated": false,
"source": "https://github.com/tigervnc/tigervnc/commit/8aa4bc53206c2430bbf0c8f4b642f59a379ee649",
"signature_version": "v1",
"id": "CVE-2016-10207-d695b93c"
}
]