PT-2022-16372 · Tightvnc · Tightvnc

Published: 2022-01-26 · Updated: 2022-12-28 · CVE-2022-23967

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

TightVNC version 1.3.10

Description

The issue is an integer signedness error and a resultant heap-based buffer overflow in the InitialiseRFBConnection function in rfbproto.c, which is part of the vncviewer component. The size passed to malloc is not checked, so a chunk of size zero can be allocated, and malloc can still provide a heap pointer for it. An attacker can then send a large amount of data, specifically 0xffffffff bytes, which can lead to a denial of service (DoS) or potentially allow for remote code execution.

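
The size wrap described above and a length check that prevents it, as an added example (not TightVNC's code and not part of the original advisory). It assumes the allocation size is the 32-bit wire length plus one terminator byte; `unchecked_alloc_size`, `read_name_checked`, `MAX_NAME_LEN` and the length-prefixed message layout are hypothetical.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
/* Assumed upper bound for a server-supplied name; not a value from the advisory. */
#define MAX_NAME_LEN 4096u

/* Unchecked pattern, size computation only: for 0xffffffff the sum wraps to 0,
 * so malloc(0) is requested while the following read still uses wire_len. */
uint32_t unchecked_alloc_size(uint32_t wire_len)
{
    return wire_len + 1u;
}

/* Decode the 4-byte big-endian length prefix of the constructed message. */
static uint32_t read_be32(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/* Hardened reader: validate the length before it reaches malloc or memcpy.
 * Returns a NUL-terminated copy the caller frees, or NULL if rejected. */
char *read_name_checked(const uint8_t *msg, size_t msg_len)
{
    if (msg == NULL || msg_len < 4)
        return NULL;                      /* no complete length field */
    uint32_t len = read_be32(msg);
    if (len > MAX_NAME_LEN)
        return NULL;                      /* rejects 0xffffffff before any +1 */
    if ((size_t)len > msg_len - 4)
        return NULL;                      /* claims more bytes than were received */
    char *name = malloc((size_t)len + 1); /* cannot wrap: len <= MAX_NAME_LEN */
    if (name == NULL)
        return NULL;
    memcpy(name, msg + 4, len);
    name[len] = '\0';
    return name;
}

/* Constructed inputs: a hostile length prefix, then a well-formed 3-byte name. */
int main(void)
{
    const uint8_t bad[] = { 0xff, 0xff, 0xff, 0xff, 'A' };
    const uint8_t ok[]  = { 0, 0, 0, 3, 'v', 'n', 'c' };
    char *name = read_name_checked(ok, sizeof ok);
    int pass = name && !read_name_checked(bad, sizeof bad) && !unchecked_alloc_size(0xffffffffu);
    free(name);
    return pass ? 0 : 1;
}
```
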
Recommendations

For TightVNC version 1.3.10, as a temporary workaround, consider disabling the InitialiseRFBConnection function in rfbproto.c until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Related Identifiers

CVE-2022-23967

Affected Products

Tightvnc