CVE-2019-8266Access of Memory Location After End of Buffer in Ultravnc

CWE-788Access of Memory Location After End of BufferCWE-125Out-of-bounds ReadCWE-787Out-of-bounds Write3 documents3 sources
Severity
9.8CRITICALNVD
EPSS
1.3%
top 20.61%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Uvnc UltravncKaspersky LAB Ultravnc
Timeline
PublishedMar 8
Latest updateMay 13

Description

UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper usage of ClientConnection::Copybuffer function in VNC client code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. User interaction is required to trigger these vulnerabilities. These vulnerabilities have been fixed in revision 1208.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

NVDuvnc/ultravnc< 1.2.2.3
CVEListV5kaspersky_lab/ultravnc1.2.2.3

🔴Vulnerability Details

1
GHSA
GHSA-h88h-84v5-wrjr: UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper usage of ClientConnection::Copybuffer function in VNC2022-05-13

📋Vendor Advisories

1
CISA ICS
Siemens SINUMERIK2020-06-12