CVE-2023-47251
- Reference to the description:
- Description:
- In mprivacy-tools before 2.0.406g in m-privacy TightGate-Pro Server, a Directory Traversal in the print function of the VNC service allows authenticated attackers (with access to a VNC session) to automatically transfer malicious PDF documents by moving them into the .spool directory, and then sending a signal to the VNC service, which automatically transfers them to the connected VNC client's filesystem.
- Last updated date:
- 11/30/2023
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 11/30/2023
- Reference url to background
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 11/30/2023
- Reference url to background