4 matches found
CVE-2026-7831 UltraVNC viewer off-by-one stack overflow in ServerInit desktop name parsing
UltraVNC viewer through 1.8.2.2 contains an off-by-one stack buffer overflow in the RFB ServerInit message handler. In vncviewer/ClientConnection.cpp, when the server-supplied nameLength equals exactly 2024 the code declares a 2024-byte stack buffer dn2024 and calls ReadStringdn, 2024. ReadString...
EUVD-2026-40883
UltraVNC viewer through 1.8.2.2 contains an off-by-one stack buffer overflow in the RFB ServerInit message handler. In vncviewer/ClientConnection.cpp, when the server-supplied nameLength equals exactly 2024 the code declares a 2024-byte stack buffer dn2024 and calls ReadStringdn, 2024. ReadString...
CVE-2026-7831
UltraVNC viewer
PT-2026-54487
Name of the Vulnerable Software and Affected Versions UltraVNC viewer versions prior to 1.8.2.3 Description An off-by-one stack buffer overflow exists in the RFB ServerInit message handler within the vncviewer/ClientConnection.cpp file. When a server-supplied nameLength is exactly 2024, the...