Gentoo Linux Security Advisory GLSA 200903-17 – The Real VNC client is vulnerable to execution of arbitrary code when connecting to a malicious server. An unspecified vulnerability has been discovered in the CMsgReader::readRect() function in the VNC Viewer component, related to the encoding type of RFB protocol data. Versions less than 4.1.3 are affected.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/75540/glsa-200903-17.txt
Source: https://packetstormsecurity.com/files/75540/Gentoo-Linux-Security-Advisory-200903-17.html