CRITICAL🇬🇧 English

CVE-2019-8266

CVSS 9.8v3.0pub. 2019-03-08upd. 2024-11-21

UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper usage of ClientConnection::Copybuffer function in VNC client code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. User interaction is required to trigger these vulnerabilities. These vulnerabilities have been fixed in revision 1208.

oryginał EN
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Uvnc Ultravnc

    APP
    Uvnc
    < 1.2.2.3
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
RCEMemory
CWE
Referencje

Powiązane podatności

CVE-2026-7839CRITICAL9.1ten sam produkt

UltraVNC repeater through 1.8.2.2 initializes the HTTP administration server with a hardcoded default password...

CVE-2019-8271CRITICAL9.8ten sam produkt

UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC server code inside file transfer handle...

CVE-2019-8264CRITICAL9.8ten sam produkt

UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside Ultra2 decoder, which can p...

CVE-2019-8265CRITICAL9.8ten sam produkt

UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper usage of SETP...

CVE-2019-8268CRITICAL9.8ten sam produkt

UltraVNC revision 1206 has multiple off-by-one vulnerabilities in VNC client code connected with improper usag...