Lucene search
+L
AttWinvnc

4 matches found

cve
cve
added 2001/05/07 4:0 a.m.67 views

CVE-2000-1164

The CVE-2000-1164 issue affects WinVNC, specifically the WinVNC3 registry key HKLM\Software\ORL\WinVNC3. The root cause is weak permissions that grant read/modify access to the Everybody group (and in some contexts to non-admin users), allowing extraction or alteration of the VNC password and oth...

9CVSS6.2AI score0.01505EPSS
cve
cve
added 2001/03/09 5:0 a.m.64 views

CVE-2001-0167

CVE-2001-0167 describes a buffer overflow in the RealVNC/WinVNC client prior to or at version 3.3.3r7 (WinVNC) that can be triggered by a crafted rfbConnFailed packet and a long reason string, allowing a remote attacker to execute arbitrary code with the user’s privileges. Connected sources show ...

7.6CVSS7.8AI score0.50813EPSS
cve
cve
added 2001/03/09 5:0 a.m.59 views

CVE-2001-0168

CVE-2001-0168 affects AT&T WinVNC Windows server up to version 3.3.3r7. A buffer overflow in the HTTP handling (vncHTTPConnect/Log.cpp) can be triggered by an overly long HTTP GET when the DebugLevel registry key > 0, allowing remote code execution with the privileges of the VNC server user. P...

10CVSS7.8AI score0.7073EPSS
Web
cve
cve
added 2005/03/20 5:0 a.m.46 views

CVE-2001-1422

The CVE-2001-1422 entry concerns WinVNC 3.3.3 and earlier, where generating the same challenge string for multiple connections allows remote attackers to bypass VNC authentication by sniffing the challenge/response of other users. Affected software: WinVNC versions up to 3.3.3 (and earlier). Unde...

7.5CVSS7.5AI score0.02064EPSS