← Back

Tightgatevnc

tightgatevnc

Vendor: M Privacy • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-47251
1M Privacy
2Mprivacy Tools
Tightgatevnc
Nov 21, 2024
Nov 22, 2023
N/A· v4
6.5 MEDIUM· v3
N/A· v2
In mprivacy-tools before 2.0.406g in m-privacy TightGate-Pro Server, a Directory Traversal in the print function of the VNC service allows authenticated attackers (with access to a VNC session) to automatically transfer...Show more
In mprivacy-tools before 2.0.406g in m-privacy TightGate-Pro Server, a Directory Traversal in the print function of the VNC service allows authenticated attackers (with access to a VNC session) to automatically transfer malicious PDF documents by moving them into the .spool directory, and then sending a signal to the VNC service, which automatically transfers them to the connected VNC client's filesystem.Show less
CVE-2023-47250
1M Privacy
3Mprivacy Tools
Rsbac Policy TgproTightgatevnc
Nov 21, 2024
Nov 22, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
In mprivacy-tools before 2.0.406g in m-privacy TightGate-Pro Server, broken Access Control on X11 server sockets allows authenticated attackers (with access to a VNC session) to access the X11 desktops of other users by...Show more
In mprivacy-tools before 2.0.406g in m-privacy TightGate-Pro Server, broken Access Control on X11 server sockets allows authenticated attackers (with access to a VNC session) to access the X11 desktops of other users by specifying their DISPLAY ID. This allows complete control of their desktop, including the ability to inject keystrokes and perform a keylogging attack.Show less