Design/Logic Flaw

2012-09-0710:32:00

PRIOn knowledge base

www.prio-n.com

6.9 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Untrusted search path vulnerability in UltraVNC 1.0.8.2 allows local users to gain privileges via a Trojan horse vnclang.dll file in the current working directory, as demonstrated by a directory that contains a .vnc file. NOTE: some of these details are obtained from third party information.

CPENameOperatorVersion
ultravnceq1.0.8.2

CPE	Name	Operator	Version
	ultravnc	eq	1.0.8.2

References

secunia.com/advisories/41208

web.archive.org/web/20100924002712/http://www.uvnc.com/download/