Dameware Remote Mini Control vulnerabilities
2 known vulnerabilities affecting dameware/remote_mini_control.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2
Vulnerabilities
Page 1 of 1
CVE-2019-3955P3HIGHCVSS 7.5≤ 12.1.0.342019-06-07
CVE-2019-3955 [HIGH] CWE-787 CVE-2019-3955: Dameware Remote Mini Control version 12.1.0.34 and prior contains a unauthenticated remote heap over
Dameware Remote Mini Control version 12.1.0.34 and prior contains a unauthenticated remote heap overflow due to the server not properly validating RsaPubKeyLen during key negotiation. An unauthenticated remote attacker can cause a heap buffer overflow by specifying a large RsaPubKeyLen, which could cause a denial of service.
nvd
CVE-2019-3956P3HIGHCVSS 7.4≤ 12.1.0.342019-06-07
CVE-2019-3956 [HIGH] CWE-20 CVE-2019-3956: Dameware Remote Mini Control version 12.1.0.34 and prior contains an unauthenticated remote buffer o
Dameware Remote Mini Control version 12.1.0.34 and prior contains an unauthenticated remote buffer over-read due to the server not properly validating CltDHPubKeyLen during key negotiation, which could crash the application or leak sensitive information.
nvd