CentOS Local Security Checks : CentOS: Security Advisory for tigervnc (CESA-2023:0675)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.884272

Categoría: CentOS Local Security Checks

Título: CentOS: Security Advisory for tigervnc (CESA-2023:0675)

Resumen: The remote host is missing an update for the 'tigervnc'; package(s) announced via the CESA-2023:0675 advisory.

Descripción: Summary:
The remote host is missing an update for the 'tigervnc'
package(s) announced via the CESA-2023:0675 advisory.

Vulnerability Insight:
Virtual Network Computing (VNC) is a remote display system which allows
users to view a computing desktop environment not only on the machine where
it is running, but from anywhere on the Internet and from a wide variety of
machine architectures. TigerVNC is a suite of VNC servers and clients.

X.Org is an open-source implementation of the X Window System. It provides
the basic low-level functionality that full-fledged graphical user
interfaces are designed upon.

Security Fix(es):

* xorg-x11-server: DeepCopyPointerClasses use-after-free leads to privilege
elevation (CVE-2023-0494)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Affected Software/OS:
'tigervnc' package(s) on CentOS 7.

Solution:
Please install the updated package(s).

CVSS Score:
6.8

CVSS Vector:
AV:L/AC:L/Au:S/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2023-0494
https://security.gentoo.org/glsa/202305-30
https://bugzilla.redhat.com/show_bug.cgi?id=2165995
https://gitlab.freedesktop.org/xorg/xserver/-/commit/0ba6d8c37071131a49790243cdac55392ecf71ec
https://lists.x.org/archives/xorg-announce/2023-February/003320.html

Copyright Copyright (C) 2023 Greenbone Networks GmbH

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.884272
Categoría:	CentOS Local Security Checks
Título:	CentOS: Security Advisory for tigervnc (CESA-2023:0675)
Resumen:	The remote host is missing an update for the 'tigervnc'; package(s) announced via the CESA-2023:0675 advisory.
Descripción:	Summary: The remote host is missing an update for the 'tigervnc' package(s) announced via the CESA-2023:0675 advisory. Vulnerability Insight: Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fix(es): * xorg-x11-server: DeepCopyPointerClasses use-after-free leads to privilege elevation (CVE-2023-0494) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Affected Software/OS: 'tigervnc' package(s) on CentOS 7. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2023-0494 https://security.gentoo.org/glsa/202305-30 https://bugzilla.redhat.com/show_bug.cgi?id=2165995 https://gitlab.freedesktop.org/xorg/xserver/-/commit/0ba6d8c37071131a49790243cdac55392ecf71ec https://lists.x.org/archives/xorg-announce/2023-February/003320.html
Copyright	Copyright (C) 2023 Greenbone Networks GmbH