UltraVNC viewer contains a buffer overflow vulnerability. If exploited, this vulnerability may allow an attacker to execute arbitrary code.
UltraVNC viewer is a remote desktop application that allows a user to control compatible VNC servers. The UltraVNC viewer includes a listen mode that accepts connections from remote hosts.
The UltraVNC viewer contains a buffer overflow vulnerability. This vulnerability may be triggered by sending a malformed packet during the protocol negotiation phase of a VNC session.
A remote, unauthenticated attacker may be able to execute arbitrary code.
Thanks to the UltraVNC team and Secunia for information that was used in this report.
This document was written by Ryan Giobbi.
|Date First Published:||2008-03-15|
|Date Last Updated:||2008-03-17 01:22 UTC|