Home / Advisories

Advisories

KLCERT-19-024: UltraVNC Improper Initialization

01 March 2019

UltraVNC revision 1211 contains multiple memory leaks (CWE-655) in VNC server code, which allow an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory and bypass ASLR. This attack appear to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1212. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code.
KLCERT-19-023: UltraVNC Stack-based Buffer Overflow

01 March 2019

UltraVNC revision 1211 has a stack buffer overflow vulnerability in VNC server code inside file transfer request handler, which can results Denial of System (DoS). This attack appear to be exploitable via network connectivity. This vulnerability has been fixed in revision 1212. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code.
KLCERT-19-022: UltraVNC Improper Null Termination

01 March 2019

UltraVNC revision 1211 has a multiple improper null termination vulnerabilities in VNC server code, which result out-of-bound data being access by remote user. This attack appear to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1212. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code.
KLCERT-19-021: UltraVNC Heap-based Buffer Overflow

01 March 2019

UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC server code inside file transfer offer handler, which can potentially result code execution. This attack appear to be exploitable via network connectivity. This vulnerability has been fixed in revision 1212. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code.
KLCERT-19-020: UltraVNC Heap-based Buffer Overflow

01 March 2019

UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC server code inside file transfer request handler, which can potentially result code execution. This attack appear to be exploitable via network connectivity. This vulnerability has been fixed in revision 1212. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code.
KLCERT-19-019: UltraVNC Off-by-one Error

01 March 2019

UltraVNC revision 1211 has a multiple off-by-one vulnerabilities in VNC server code, which can potentially result code execution. This attack appear to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1212. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code.
KLCERT-19-018: UltraVNC Heap-based Buffer Overflow

01 March 2019

UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC server code inside file transfer handler, which can potentially result code execution. This attack appear to be exploitable via network connectivity. This vulnerability has been fixed in revision 1212. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code.
KLCERT-19-017: UltraVNC Out-of-bounds Read

01 March 2019

UltraVNC revision 1210 has out-of-bounds read vulnerability in VNC client code inside Ultra decoder, which results in a denial of service (DoS) condition. This attack appear to be exploitable via network connectivity. This vulnerability has been fixed in revision 1211. Successful exploitation of this vulnerability could allow an attacker to cause denial of service.
KLCERT-19-016: UltraVNC Stack-based Buffer Overflow

01 March 2019

UltraVNC revision 1206 has stack-based Buffer overflow vulnerability in VNC client code inside FileTransfer module, which leads to a denial of service (DoS) condition. This attack appear to be exploitable via network connectivity. This vulnerability has been fixed in revision 1207. Successful exploitation of this vulnerability could allow an attacker to cause denial of service.
KLCERT-19-015: UltraVNC Off-by-one Error

01 March 2019

UltraVNC revision 1206 has multiple off-by-one vulnerabilities in VNC client code connected with improper usage of ClientConnection::ReadString function, which can potentially result code execution. This attack appear to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1207. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code.