In particular, following 4 issues are related to to tightvnc viewer:
```
1. global buffer overflow in corre.c
In `vnc_unixsrc/vncviewer/corre.c` inside the `HandleCoRREBPP` function
global buffer overflow occurs due to the lack of size check.
`buffer` is defined in rfbproto.c:96 as
overview of the vulnerabilities:
https://www.openwall.com/lists/oss-security/2018/12/10/5
Best Regards,
Pavel Cheremushkin
Security Researcher| ICS CERT Vulnerability Research Group | Kaspersky Lab
39A bld.2 Leningradskoye Highway, Moscow 125212, Russia |
www.kaspersky.com<http://www.kaspersky.
