Exploit
CVE-2017-5884

Incorrect Access of Indexable Resource ('Range Error') (CWE-118)

Published: Feb 28, 2017 / Updated: 83mo ago

010
No CVSS yetEPSS 0.23%
CVE info copied to clipboard

gtk-vnc before 0.7.0 does not properly check boundaries of subrectangle-containing tiles, which allows remote servers to execute arbitrary code via the src x, y coordinates in a crafted (1) rre, (2) hextile, or (3) copyrect tile.

Timeline

First Article

Feedly found the first article mentioning CVE-2017-5884. See article

Feb 5, 2017 at 2:39 AM / emails2rss.appspot.com
EPSS

EPSS Score was set to: 0.23% (Percentile: 61.1%)

Oct 29, 2023 at 3:27 AM
Detection in Vulnerability Scanners

Detection for the vulnerability has been added to Qualys (504921)

Jan 8, 2024 at 10:15 PM
Detection in Vulnerability Scanners

Detection for the vulnerability has been added to Nessus (198760)

Jun 4, 2024 at 3:15 AM
Static CVE Timeline Graph

Affected Systems

Fedoraproject/fedora
+null more

Exploits

https://bugzilla.gnome.org/show_bug.cgi?id=778048
+null more

Patches

git.gnome.org
+null more

Attack Patterns

CAPEC-10: Buffer Overflow via Environment Variables
+null more

Be the first to know about critical vulnerabilities

Collect, analyze, and share vulnerability reports faster using AI