CVE-2014-8241

9.8 CRITICAL

Published: December 14, 2016 Modified: May 06, 2026

Description

XRegion in TigerVNC allows remote VNC servers to cause a denial of service (NULL pointer dereference) by leveraging failure to check a malloc return value, a similar issue to CVE-2014-6052.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

CVSS v3.x Details

0.0 Low Medium High Critical 10.0

Vector String

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://seclists.org/oss-sec/2014/q4/278

Source: cve@mitre.org

Mailing List

http://seclists.org/oss-sec/2014/q4/300

Source: cve@mitre.org

Mailing List

http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html

Source: cve@mitre.org

http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

Source: cve@mitre.org

http://www.securityfocus.com/bid/70390

Source: cve@mitre.org

Third Party Advisory VDB Entry

https://bugzilla.redhat.com/show_bug.cgi?id=1151312

Source: cve@mitre.org

Issue Tracking

https://rhn.redhat.com/errata/RHSA-2015-2233.html

Source: cve@mitre.org

Third Party Advisory

http://seclists.org/oss-sec/2014/q4/278