Lucene search

K
cve[email protected]CVE-2019-8269
HistoryMar 08, 2019 - 11:29 p.m.

CVE-2019-8269

2019-03-0823:29:00
CWE-787
CWE-121
web.nvd.nist.gov
31
ultravnc
revision 1206
stack-based
buffer overflow
vulnerability
vnc client
filetransfer module
denial of service
dos
cve-2019-8269
network connectivity
nvd

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.5 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.011 Low

EPSS

Percentile

84.4%

UltraVNC revision 1206 has stack-based Buffer overflow vulnerability in VNC client code inside FileTransfer module, which leads to a denial of service (DoS) condition. This attack appear to be exploitable via network connectivity. This vulnerability has been fixed in revision 1207.

Affected configurations

NVD
Node
uvncultravncRange<1.2.2.3
Node
siemenssinumerik_access_mymachine\/p2pRange<4.8
OR
siemenssinumerik_pcu_base_win10_software\/ipcRange<14.00
OR
siemenssinumerik_pcu_base_win7_software\/ipcRange12.01
CPENameOperatorVersion
uvnc:ultravncuvnc ultravnclt1.2.2.3

CNA Affected

[
  {
    "product": "UltraVNC",
    "vendor": "Kaspersky Lab",
    "versions": [
      {
        "status": "affected",
        "version": "1.2.2.3"
      }
    ]
  }
]

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.5 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.011 Low

EPSS

Percentile

84.4%

Related for CVE-2019-8269