Vulnerabilities > Ultravnc > Ultravnc > 1.0.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-02-04 | CVE-2009-0388 | Numeric Errors vulnerability in multiple products Multiple integer signedness errors in (1) UltraVNC 1.0.2 and 1.0.5 and (2) TightVnc 1.3.9 allow remote VNC servers to cause a denial of service (heap corruption and application crash) or possibly execute arbitrary code via a large length value in a message, related to the (a) ClientConnection::CheckBufferSize and (b) ClientConnection::CheckFileZipBufferSize functions in ClientConnection.cpp. | 10.0 |
2008-11-10 | CVE-2008-5001 | Buffer Errors vulnerability in Ultravnc 1.0.2/1.0.4 Multiple stack-based buffer overflows in multiple functions in vncviewer/FileTransfer.cpp in vncviewer for UltraVNC 1.0.2 and 1.0.4 before 01252008, when in LISTENING mode or when using the DSM plugin, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified parameters, a different issue than CVE-2008-0610. | 9.3 |
2008-02-06 | CVE-2008-0610 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Ultravnc Stack-based buffer overflow in the ClientConnection::NegotiateProtocolVersion function in vncviewer/ClientConnection.cpp in vncviewer for UltraVNC 1.0.2 and 1.0.4 before 01252008, when in LISTENING mode or when using the DSM plugin, allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a modified size value. | 9.3 |