CVE-2019-15680

{"id": "CVE-2019-15680", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2019-10-29T19:15:18.033", "references": [{"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-478893.pdf", "source": "vulnerability@kaspersky.com"}, {"url": "https://lists.debian.org/debian-lts-announce/2019/12/msg00028.html", "source": "vulnerability@kaspersky.com"}, {"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-343-08", "source": "vulnerability@kaspersky.com"}, {"url": "https://usn.ubuntu.com/4407-1/", "source": "vulnerability@kaspersky.com"}, {"url": "https://www.openwall.com/lists/oss-security/2018/12/10/5", "tags": ["Mailing List", "Third Party Advisory"], "source": "vulnerability@kaspersky.com"}, {"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-478893.pdf", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lists.debian.org/debian-lts-announce/2019/12/msg00028.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-343-08", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://usn.ubuntu.com/4407-1/", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.openwall.com/lists/oss-security/2018/12/10/5", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "vulnerability@kaspersky.com", "description": [{"lang": "en", "value": "CWE-476"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-476"}]}], "descriptions": [{"lang": "en", "value": "TightVNC code version 1.3.10 contains null pointer dereference in HandleZlibBPP function, which results Denial of System (DoS). This attack appear to be exploitable via network connectivity."}, {"lang": "es", "value": "El c\u00f3digo de TightVNC versi\u00f3n 1.3.10, contiene una desreferencia del puntero null en la funci\u00f3n HandleZlibBPP, lo que resulta en una Denegaci\u00f3n del Sistema (DoS). Este ataque parece ser explotable por medio de la conectividad de red."}], "lastModified": "2024-11-21T04:29:14.937", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:tightvnc:tightvnc:1.3.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "37E2BF43-0B3B-4BDD-B145-62E7333F4A93"}], "operator": "OR"}]}], "sourceIdentifier": "vulnerability@kaspersky.com"}