CVE-2017-7393

Metadata

medium
6.5
tigervnc
CVE-2017-7393
cve.mitre.org, bugs.debian.org
2017-03-31
2017-10-23 14:17
ALAS-2017-879
CVE-2017-7393 tigervnc
2017-06-16 19:22
2017-05-10 23:46
2017-04-14 10:20
2017-04-04 02:03

Description

In TigerVNC 1.7.1 (VNCSConnectionST.cxx VNCSConnectionST::fence), an authenticated client can cause a double free, leading to denial of service or potentially code execution.

Am I vulnerable?

The constraints below list the versions that this vulnerability is patched in, and versions that are unaffected. If a patch is ready but unrealeased, then it is pending.

Or, you can just let us figure it out for you! Appcanary continously monitor your installed packages, and tell you if any of them are vulnerable.

Sign up for monitoring

Affected package information

Release Package Patched in
artful tigervnc None
devel tigervnc None
upstream tigervnc None
zesty tigervnc None

Unaffected

Release Package Reason
precise tigervnc DNE
precise/esm tigervnc DNE
trusty tigervnc DNE
vivid/stable-phone-overlay tigervnc DNE
vivid/ubuntu-core tigervnc DNE
xenial tigervnc DNE
yakkety tigervnc DNE