CVE-2020-37133
6.7
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
Summary
UltraVNC Launcher 1.2.4.0 contains a denial of service vulnerability in the Repeater Host configuration field that allows attackers to crash the application. Attackers can paste an overly long string of 300 characters into the Repeater Host property to trigger an application crash.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| UltraVNC Team | UltraVNC Launcher | 1.2.4.0 | affected |
Weaknesses
- CWE-121: Stack-based Buffer Overflow
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: poc
- Automatable: yes
- Technical Impact: partial
References
- https://www.exploit-db.com/exploits/48288
- https://www.uvnc.com/
- https://www.vulncheck.com/advisories/ultravnc-launcher-repeaterhost-denial-of-service
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.