Vulnerability Note VU#721460
UltraVNC buffer overflow vulnerability
UltraVNC viewer contains a buffer overflow vulnerability. If exploited, this vulnerability may allow an attacker to execute arbitrary code.
UltraVNC viewer is a remote desktop application that allows a user to control compatible VNC servers. The UltraVNC viewer includes a listen mode that accepts connections from remote hosts.
The UltraVNC viewer contains a buffer overflow vulnerability. This vulnerability may be triggered by sending a malformed packet during the protocol negotiation phase of a VNC session.
A remote, unauthenticated attacker may be able to execute arbitrary code.
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|UltraVNC||Affected||04 Mar 2008||15 Mar 2008|
CVSS Metrics (Learn More)
Thanks to the UltraVNC team and Secunia for information that was used in this report.
This document was written by Ryan Giobbi.
- CVE IDs: CVE-2008-0610
- Date Public: 01 Feb 2008
- Date First Published: 15 Mar 2008
- Date Last Updated: 16 Mar 2008
- Severity Metric: 12.86
- Document Revision: 31
If you have feedback, comments, or additional information about this vulnerability, please send us email.