UltraVNC revision 1198 has a heap buffer overflow vulnerability in VNC client code which results code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1199.
2019-03-05T15:29:00.320
2024-11-21T04:49:35.510
Modified
CVSSv3.1: 9.8 (CRITICAL)
AV:N/AC:L/Au:N/C:P/I:P/A:P
10.0
6.4
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | uvnc | ultravnc | < 1.2.2.3 | Yes |
| Application | siemens | sinumerik_access_mymachine\/p2p | < 4.8 | Yes |
| Application | siemens | sinumerik_pcu_base_win10_software\/ipc | < 14.00 | Yes |
| Application | siemens | sinumerik_pcu_base_win7_software\/ipc | ≤ 12.01 | Yes |