8 matches found
CVE-2019-8259
UltraVNC revision 1198 contains multiple memory leaks CWE-655 in VNC client code, which allow an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory and bypass ASLR. This attack appears to be...
CVE-2019-8258
UltraVNC revision 1198 has a heap buffer overflow vulnerability in VNC client code which results code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1199...
Heap overflow
UltraVNC revision 1198 has a heap buffer overflow vulnerability in VNC client code which results code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1199...
Buffer overflow
UltraVNC revision 1198 has a buffer underflow vulnerability in VNC client code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1199...
CVE-2018-15361
UltraVNC revision 1198 contains a buffer underflow in the VNC client code that could potentially allow code execution. The vulnerability is exploitable over network connectivity, and Siemens/CISA context confirms the fix is to upgrade to revision 1199. No further technical details are provided in...
CVE-2019-8259
UltraVNC revision 1198 contains multiple memory leaks CWE-655 in VNC client code, which allow an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory and bypass ASLR. This attack appears to be...
CVE-2019-8258
UltraVNC revision 1198 has a heap buffer overflow vulnerability in VNC client code which results code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1199...
CVE-2019-8258
UltraVNC revision 1198 contains a heap-based buffer overflow in the VNC client code that can lead to code execution and is exploitable over the network. The issue is fixed in revision 1199. Affected product: UltraVNC (VNC client component). Mitigation: upgrade to revision 1199 or later to remedia...