23 matches found
CVE-2019-8272
UltraVNC revision 1211 has multiple off-by-one vulnerabilities in VNC server code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1212...
CVE-2019-8274
UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC server code inside file transfer offer handler, which can potentially in result code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1212...
CVE-2019-8277
UltraVNC revision 1211 contains multiple memory leaks CWE-665 in VNC server code, which allows an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory and bypass ASLR. This attack appears to be...
CVE-2019-8275
UltraVNC revision 1211 contains multiple improper null termination vulnerabilities in the VNC server code, allowing out-of-bounds data access via network. CVSS v3.1 base score 9.8. Affected: UltraVNC 1211; fix: upgrade to revision 1212 (addressed in the same family of issues).
CVE-2019-8271
UltraVNC revision 1211 contains a heap-based buffer overflow in the VNC server file transfer handler that could potentially allow remote code execution when exploited over the network. The issue is fixed in revision 1212; affected products are UltraVNC with the vulnerable server component, and re...
CVE-2019-8272
UltraVNC 1211 contains off-by-one vulnerabilities in the VNC server code that can potentially lead to remote code execution when exploited over a network. The issue is fixed in revision 1212. A Nessus plugin also documents other related UltraVNC CVEs (e.g., 2019-8274, 2019-8271) affecting version...
CVE-2019-8277
UltraVNC revision 1211 contains multiple memory-leak vulnerabilities (CWE-665) in the VNC server code that can allow an attacker to read stack memory and, with other vulnerabilities, bypass ASLR. The issues are exploitable via network connectivity and have been fixed in revision 1212. This CVE en...
CVE-2019-8273
UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC server code inside file transfer request handler, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1212...
CVE-2019-8276
UltraVNC revision 1211 has a stack buffer overflow vulnerability in VNC server code inside file transfer request handler, which can result in Denial of Service DoS. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1212...
CVE-2019-8272
UltraVNC revision 1211 has multiple off-by-one vulnerabilities in VNC server code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1212...
Stack overflow
UltraVNC revision 1211 has a stack buffer overflow vulnerability in VNC server code inside file transfer request handler, which can result in Denial of Service DoS. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1212...
Heap overflow
UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC server code inside file transfer request handler, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1212...
CVE-2019-8274
UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC server code inside file transfer offer handler, which can potentially in result code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1212...
CVE-2019-8277
UltraVNC revision 1211 contains multiple memory leaks CWE-665 in VNC server code, which allows an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory and bypass ASLR. This attack appears to be...
Out-of-bounds
UltraVNC revision 1210 has out-of-bounds read vulnerability in VNC client code inside Ultra decoder, which results in a denial of service DoS condition. This attack appear to be exploitable via network connectivity. This vulnerability has been fixed in revision 1211...
CVE-2019-8275
UltraVNC revision 1211 has multiple improper null termination vulnerabilities in VNC server code, which result in out-of-bound data being accessed by remote users. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1212...
CVE-2019-8272
UltraVNC revision 1211 has multiple off-by-one vulnerabilities in VNC server code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1212...
CVE-2019-8275
UltraVNC revision 1211 has multiple improper null termination vulnerabilities in VNC server code, which result in out-of-bound data being accessed by remote users. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1212...
Heap overflow
UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC server code inside file transfer offer handler, which can potentially in result code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1212...
Heap overflow
UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC server code inside file transfer handler, which can potentially result code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1212...