CVE-2019-15690

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2019-15690

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-15690.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2019-15690

Downstream

DEBIAN-CVE-2019-15690

DLA-2146-1

RHSA-2020:0913

RHSA-2020:0920

RHSA-2020:0921

SUSE-SU-2020:1164-1

SUSE-SU-2020:1164-2

SUSE-SU-2020:1165-1

SUSE-SU-2020:14355-1

UBUNTU-CVE-2019-15690

USN-4407-1

openSUSE-SU-2020:0624-1

openSUSE-SU-2024:10598-1

Related

Withdrawn

2026-01-27T04:16:25.240055Z

Published

2025-01-24T18:15:27Z

Modified

2026-01-27T04:16:25.240055Z

Summary

[none]

Details

LibVNCServer 0.9.12 release and earlier contains heap buffer overflow vulnerability within the HandleCursorShape() function in libvncclient/cursor.c. An attacker sends cursor shapes with specially crafted dimensions, which can result in remote code execution.

References

https://ics-cert.kaspersky.com/vulnerabilities/klcert-20-009-remote-code-execution-on-libvnc-version-prior-to-0-9-12/

Affected packages