Multiple buffer overflows in (a) UltraVNC (aka Ultr@VNC) 1.0.1 and previous versions and (b) tabbed_viewer 1.29 (1) allow user-assisted remote malicious users to execute arbitrary code via a malicious server that sends a long string to a client that connects on TCP port 5900, which triggers an overflow in Log::ReallyPrint; and (2) allow remote malicious users to cause a denial of service (server crash) via a long HTTP GET request to TCP port 5800, which triggers an overflow in VNCLog::ReallyPrint.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ultravnc vnc viewer 1.0.1 |
||
ultravnc tabbed viewer 1.29 |