RealVNC 4.0 and previous versions allows remote malicious users to cause a denial of service (crash) via a large number of connections to port 5900.
vnc realvnc 4.0