UltraVNC revision 1206 has multiple off-by-one vulnerabilities in VNC client code connected with improper usage of ClientConnection::ReadString function, which can potentially result code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1207.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
uvnc ultravnc |
||
siemens sinumerik access mymachine\\/p2p |
||
siemens sinumerik pcu base win10 software\\/ipc |
||
siemens sinumerik pcu base win7 software\\/ipc |