An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way TigerVNC handled screen sizes. A malicious VNC server could use this flaw to cause a client to crash or, potentially, execute arbitrary code on the client.
This issue was discovered by Tim Waugh of Red Hat. Tigervnc is affected by same thing as in CVE-2014-6051. Integer overflaw leading to a heap-based buffer overflow was found in the way screen sizes were handled. A Malicious VNC server could use this flaw to cause a client to crash or, potentially, execute arbitrary code on the client.
Created attachment 947578 [details]
tigervnc-1.3.1-CVE-2014-8240.patch (proposed 1.3.1 patch)
This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Via RHSA-2015:2233 https://rhn.redhat.com/errata/RHSA-2015-2233.html
This issue affects the version of tigervnc as shipped with Red Hat Enterprise Linux 5 and 6. This has been rated as having Moderate security impact and is not currently planned to be addressed in future updates of Red Hat Enterprise Linux 5 and 6.