cbcvebase.

Att Winvnc vulnerabilities

4 known vulnerabilities affecting att/winvnc.

Total CVEs
4
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH2

Vulnerabilities

Page 1 of 1
CVE-2001-0168P3CRITICALCVSS 10.0PoC≤ 3.3.3r72001-05-03
CVE-2001-0168 [CRITICAL] CVE-2001-0168: Buffer overflow in AT&T WinVNC (Virtual Network Computing) server 3.3.3r7 and earlier allows remote Buffer overflow in AT&T WinVNC (Virtual Network Computing) server 3.3.3r7 and earlier allows remote attackers to execute arbitrary commands via a long HTTP GET request when the DebugLevel registry key is greater than 0.
nvd
CVE-2001-0167P3HIGHCVSS 7.6PoC≤ 3.3.3r72001-05-03
CVE-2001-0167 [HIGH] CVE-2001-0167: Buffer overflow in AT&T WinVNC (Virtual Network Computing) client 3.3.3r7 and earlier allows remote Buffer overflow in AT&T WinVNC (Virtual Network Computing) client 3.3.3r7 and earlier allows remote attackers to execute arbitrary commands via a long rfbConnFailed packet with a long reason string.
nvd
CVE-2001-1422P4HIGHCVSS 7.5≤ 3.3.32001-01-23
CVE-2001-1422 [HIGH] CVE-2001-1422: WinVNC 3.3.3 and earlier generates the same challenge string for multiple connections, which allows WinVNC 3.3.3 and earlier generates the same challenge string for multiple connections, which allows remote attackers to bypass VNC authentication by sniffing the challenge and response of other users.
nvd
CVE-2000-1164P4CRITICALCVSS 9.0v3.3.3v3.3.3r72001-01-09
CVE-2000-1164 [CRITICAL] CVE-2000-1164: WinVNC installs the WinVNC3 registry key with permissions that give Special Access (read and modify) WinVNC installs the WinVNC3 registry key with permissions that give Special Access (read and modify) to the Everybody group, which allows users to read and modify sensitive information such as passwords and gain access to the system.
nvd
Att Winvnc vulnerabilities | cvebase