Uvnc Ultravnc vulnerabilities

CVE-2019-8260 [CRITICAL] CWE-125 CVE-2019-8260: UltraVNC revision 1199 has a out-of-bounds read vulnerability in VNC client RRE decoder code, caused UltraVNC revision 1199 has a out-of-bounds read vulnerability in VNC client RRE decoder code, caused by multiplication overflow. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1200.

CVE-2019-8258 [CRITICAL] CWE-122 CVE-2019-8258: UltraVNC revision 1198 has a heap buffer overflow vulnerability in VNC client code which results cod UltraVNC revision 1198 has a heap buffer overflow vulnerability in VNC client code which results code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1199.

CVE-2019-8261 [CRITICAL] CWE-125 CVE-2019-8261: UltraVNC revision 1199 has a out-of-bounds read vulnerability in VNC code inside client CoRRE decode UltraVNC revision 1199 has a out-of-bounds read vulnerability in VNC code inside client CoRRE decoder, caused by multiplication overflow. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1200.

CVE-2019-8262 [CRITICAL] CWE-122 CVE-2019-8262: UltraVNC revision 1203 has multiple heap buffer overflow vulnerabilities in VNC client code inside U UltraVNC revision 1203 has multiple heap buffer overflow vulnerabilities in VNC client code inside Ultra decoder, which results in code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1204.

CVE-2019-8259 [HIGH] CWE-665 CVE-2019-8259: UltraVNC revision 1198 contains multiple memory leaks (CWE-655) in VNC client code, which allow an a UltraVNC revision 1198 contains multiple memory leaks (CWE-655) in VNC client code, which allow an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory and bypass ASLR. This attack appears to be exploitable via network connectivity. These vulnerabilities have

CVE-2019-8263 [MEDIUM] CWE-121 CVE-2019-8263: UltraVNC revision 1205 has stack-based buffer overflow vulnerability in VNC client code inside ShowC UltraVNC revision 1205 has stack-based buffer overflow vulnerability in VNC client code inside ShowConnInfo routine, which leads to a denial of service (DoS) condition. This attack appear to be exploitable via network connectivity. User interaction is required to trigger this vulnerability. This vulnerability has been fixed in revision 1206.