CVE-2019-8270
N/A
N/A
Summary
UltraVNC revision 1210 has out-of-bounds read vulnerability in VNC client code inside Ultra decoder, which results in a denial of service (DoS) condition. This attack appear to be exploitable via network connectivity. This vulnerability has been fixed in revision 1211.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Kaspersky Lab | UltraVNC | 1.2.2.3 | affected |
Weaknesses
- CWE-125: CWE-125: Out-of-bounds Read
ADP Enrichment
CVE Program Container
Additional References
- https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-017-ultravnc-out-of-bounds-read/
- https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf
- https://www.us-cert.gov/ics/advisories/icsa-20-161-06
References
- https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-017-ultravnc-out-of-bounds-read/
- https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf
- https://www.us-cert.gov/ics/advisories/icsa-20-161-06
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.