CVE-2017-7396 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2017-7396 Interim 1 13 2023-12-08T01:33:17Z current 2021-05-30T13:54:31Z 2023-12-08T01:33:17Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2017-7396 In TigerVNC 1.7.1 (CConnection.cxx CConnection::CConnection), an unauthenticated client can cause a small memory leak in the server. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.suse.com/pipermail/sle-security-updates/2017-April/002824.html E-Mail link for SUSE-SU-2017:1093-1 https://lists.suse.com/pipermail/sle-security-updates/2017-April/002825.html E-Mail link for SUSE-SU-2017:1094-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Liberty Linux 7 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP1 SUSE Linux Enterprise Server for SAP Applications 12 SP2 fltk-1.3.4-1.el7 fltk-devel-1.3.4-1.el7 fltk-fluid-1.3.4-1.el7 fltk-static-1.3.4-1.el7 libXvnc1-1.6.0-18.11.1 tigervnc-1.4.3-24.1 tigervnc-1.6.0-18.11.1 tigervnc-1.8.0-1.el7 tigervnc-icons-1.8.0-1.el7 tigervnc-license-1.8.0-1.el7 tigervnc-server-1.8.0-1.el7 tigervnc-server-applet-1.8.0-1.el7 tigervnc-server-minimal-1.8.0-1.el7 tigervnc-server-module-1.8.0-1.el7 xorg-x11-Xvnc-1.4.3-24.1 xorg-x11-Xvnc-1.6.0-18.11.1 fltk-1.3.4-1.el7 as a component of SUSE Liberty Linux 7 fltk-devel-1.3.4-1.el7 as a component of SUSE Liberty Linux 7 fltk-fluid-1.3.4-1.el7 as a component of SUSE Liberty Linux 7 fltk-static-1.3.4-1.el7 as a component of SUSE Liberty Linux 7 tigervnc-1.8.0-1.el7 as a component of SUSE Liberty Linux 7 tigervnc-icons-1.8.0-1.el7 as a component of SUSE Liberty Linux 7 tigervnc-license-1.8.0-1.el7 as a component of SUSE Liberty Linux 7 tigervnc-server-1.8.0-1.el7 as a component of SUSE Liberty Linux 7 tigervnc-server-applet-1.8.0-1.el7 as a component of SUSE Liberty Linux 7 tigervnc-server-minimal-1.8.0-1.el7 as a component of SUSE Liberty Linux 7 tigervnc-server-module-1.8.0-1.el7 as a component of SUSE Liberty Linux 7 tigervnc-1.4.3-24.1 as a component of SUSE Linux Enterprise Desktop 12 SP1 xorg-x11-Xvnc-1.4.3-24.1 as a component of SUSE Linux Enterprise Desktop 12 SP1 libXvnc1-1.6.0-18.11.1 as a component of SUSE Linux Enterprise Desktop 12 SP2 tigervnc-1.6.0-18.11.1 as a component of SUSE Linux Enterprise Desktop 12 SP2 xorg-x11-Xvnc-1.6.0-18.11.1 as a component of SUSE Linux Enterprise Desktop 12 SP2 tigervnc-1.4.3-24.1 as a component of SUSE Linux Enterprise Server 12 SP1 xorg-x11-Xvnc-1.4.3-24.1 as a component of SUSE Linux Enterprise Server 12 SP1 libXvnc1-1.6.0-18.11.1 as a component of SUSE Linux Enterprise Server 12 SP2 tigervnc-1.6.0-18.11.1 as a component of SUSE Linux Enterprise Server 12 SP2 xorg-x11-Xvnc-1.6.0-18.11.1 as a component of SUSE Linux Enterprise Server 12 SP2 libXvnc1-1.6.0-18.11.1 as a component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 tigervnc-1.6.0-18.11.1 as a component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 xorg-x11-Xvnc-1.6.0-18.11.1 as a component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 tigervnc-1.4.3-24.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP1 xorg-x11-Xvnc-1.4.3-24.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP1 libXvnc1-1.6.0-18.11.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 tigervnc-1.6.0-18.11.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 xorg-x11-Xvnc-1.6.0-18.11.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 In TigerVNC 1.7.1 (CConnection.cxx CConnection::CConnection), an unauthenticated client can cause a small memory leak in the server. CVE-2017-7396 SUSE Liberty Linux 7:fltk-1.3.4-1.el7 SUSE Liberty Linux 7:fltk-devel-1.3.4-1.el7 SUSE Liberty Linux 7:fltk-fluid-1.3.4-1.el7 SUSE Liberty Linux 7:fltk-static-1.3.4-1.el7 SUSE Liberty Linux 7:tigervnc-1.8.0-1.el7 SUSE Liberty Linux 7:tigervnc-icons-1.8.0-1.el7 SUSE Liberty Linux 7:tigervnc-license-1.8.0-1.el7 SUSE Liberty Linux 7:tigervnc-server-1.8.0-1.el7 SUSE Liberty Linux 7:tigervnc-server-applet-1.8.0-1.el7 SUSE Liberty Linux 7:tigervnc-server-minimal-1.8.0-1.el7 SUSE Liberty Linux 7:tigervnc-server-module-1.8.0-1.el7 SUSE Linux Enterprise Desktop 12 SP1:tigervnc-1.4.3-24.1 SUSE Linux Enterprise Desktop 12 SP1:xorg-x11-Xvnc-1.4.3-24.1 SUSE Linux Enterprise Desktop 12 SP2:libXvnc1-1.6.0-18.11.1 SUSE Linux Enterprise Desktop 12 SP2:tigervnc-1.6.0-18.11.1 SUSE Linux Enterprise Desktop 12 SP2:xorg-x11-Xvnc-1.6.0-18.11.1 SUSE Linux Enterprise Server 12 SP1:tigervnc-1.4.3-24.1 SUSE Linux Enterprise Server 12 SP1:xorg-x11-Xvnc-1.4.3-24.1 SUSE Linux Enterprise Server 12 SP2:libXvnc1-1.6.0-18.11.1 SUSE Linux Enterprise Server 12 SP2:tigervnc-1.6.0-18.11.1 SUSE Linux Enterprise Server 12 SP2:xorg-x11-Xvnc-1.6.0-18.11.1 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libXvnc1-1.6.0-18.11.1 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tigervnc-1.6.0-18.11.1 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:xorg-x11-Xvnc-1.6.0-18.11.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:tigervnc-1.4.3-24.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:xorg-x11-Xvnc-1.4.3-24.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:libXvnc1-1.6.0-18.11.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:tigervnc-1.6.0-18.11.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:xorg-x11-Xvnc-1.6.0-18.11.1 low 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L