This script is Copyright (C) 2009-2013 Tenable Network Security, Inc.
The remote FreeBSD host is missing a security-related update.
CORE Security Technologies reports :
A format string error has been found on the vinagre_utils_show_error()
function that can be exploited via commands issued from a malicious
server containing format string specifiers on the VNC name.
In a web-based attack scenario, the user would be required to connect
to a malicious server. Successful exploitation would then allow the
attacker to execute arbitrary code with the privileges of the Vinagre
See also :
Update the affected package.
Risk factor :
Medium / CVSS Base Score : 6.8
CVSS Temporal Score : 5.3
Public Exploit Available : true