CVSS: 6.5EPSS: 1%CPEs: 4EXPL: 0CVE-2019-8263
https://notcve.org/view.php?id=CVE-2019-8263
05 Mar 2019 — UltraVNC revision 1205 has stack-based buffer overflow vulnerability in VNC client code inside ShowConnInfo routine, which leads to a denial of service (DoS) condition. This attack appear to be exploitable via network connectivity. User interaction is required to trigger this vulnerability. This vulnerability has been fixed in revision 1206. UltraVNC, en su revisión 1205, tiene un desbordamiento de búfer basado en pila en el código del cliente VNC dentro de la rutina ShowConnInfo, lo cual conduce a una cond... • https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2019-8260
https://notcve.org/view.php?id=CVE-2019-8260
05 Mar 2019 — UltraVNC revision 1199 has a out-of-bounds read vulnerability in VNC client RRE decoder code, caused by multiplication overflow. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1200. UltraVNC, en su revisión 1198, contiene una vulnerabilidad de lectura fuera de límites en el código del decodificador RRE del cliente VNC, provocado por el desbordamiento de multiplicaciones. Este ataque parece ser explotable mediante la conectividad de red. • https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 6%CPEs: 4EXPL: 0CVE-2019-8262
https://notcve.org/view.php?id=CVE-2019-8262
05 Mar 2019 — UltraVNC revision 1203 has multiple heap buffer overflow vulnerabilities in VNC client code inside Ultra decoder, which results in code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1204. UltraVNC, en su revisión 1203, tiene múltiples vulnerabilidades de desbordamiento de búfer de memoria dinámica (heap) en el código del cliente VNC dentro del decodificador Ultra, lo que resulta en la ejecución de código. Este ataque parece ser e... • https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2010-5248
https://notcve.org/view.php?id=CVE-2010-5248
07 Sep 2012 — Untrusted search path vulnerability in UltraVNC 1.0.8.2 allows local users to gain privileges via a Trojan horse vnclang.dll file in the current working directory, as demonstrated by a directory that contains a .vnc file. NOTE: some of these details are obtained from third party information. Vulnerabilidad de path de búsqueda no confiable en UltraVNC v1.0.8.2, permite a usuario locales obtener privilegios a través de un fichero vnclang.dll troyanizado en el directorio de trabajo actual, como se demostró med... • http://secunia.com/advisories/41208 •
CVSS: 10.0EPSS: 48%CPEs: 3EXPL: 4CVE-2009-0388 – TightVNC - Authentication Failure Integer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2009-0388
04 Feb 2009 — Multiple integer signedness errors in (1) UltraVNC 1.0.2 and 1.0.5 and (2) TightVnc 1.3.9 allow remote VNC servers to cause a denial of service (heap corruption and application crash) or possibly execute arbitrary code via a large length value in a message, related to the (a) ClientConnection::CheckBufferSize and (b) ClientConnection::CheckFileZipBufferSize functions in ClientConnection.cpp. Errores múltiples de signo de entero en (1) UltraVNC v1.0.2 y v1.0.5 y (2) TightVnc v1.3.9 permiten a atacantes remot... • https://www.exploit-db.com/exploits/8024 • CWE-189: Numeric Errors •
CVSS: 9.8EPSS: 5%CPEs: 2EXPL: 0CVE-2008-5001
https://notcve.org/view.php?id=CVE-2008-5001
10 Nov 2008 — Multiple stack-based buffer overflows in multiple functions in vncviewer/FileTransfer.cpp in vncviewer for UltraVNC 1.0.2 and 1.0.4 before 01252008, when in LISTENING mode or when using the DSM plugin, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified parameters, a different issue than CVE-2008-0610. Múltiples desbordamientos basados en pila en múltiples funciones en vncviewer/FileTransfer.cpp en vncviewer para UltraVNC v1.0.2 y v1.0.4 versiones ... • http://forum.ultravnc.info/viewtopic.php?p=45150#45150 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 74%CPEs: 5EXPL: 3CVE-2008-0610 – UltraVNC 1.0.2 Client - 'vncviewer.exe' Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2008-0610
06 Feb 2008 — Stack-based buffer overflow in the ClientConnection::NegotiateProtocolVersion function in vncviewer/ClientConnection.cpp in vncviewer for UltraVNC 1.0.2 and 1.0.4 before 01252008, when in LISTENING mode or when using the DSM plugin, allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a modified size value. Desbordamiento de búfer basado en pila en la función ClientConnection::NegotiateProtocolVersion en vncviewer/ClientConnection.cpp de vncviewer para UltraVNC 1.0.2 y ... • https://www.exploit-db.com/exploits/18666 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2006-2206
https://notcve.org/view.php?id=CVE-2006-2206
05 May 2006 — The MS-Logon authentication scheme in UltraVNC (aka Ultr@VNC) 1.0.1 uses weak encryption (XOR) for challenge/response, which allows remote attackers to gain privileges by sniffing and decrypting passwords. • http://archives.neohapsis.com/archives/bugtraq/2006-05/0057.html •