Vulnerabilities

CVE-2019-8268

by Fred · 08/03/2019

UltraVNC revision 1206 has multiple off-by-one vulnerabilities in VNC client code connected with improper usage of ClientConnection::ReadString function, which can potentially result code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1207.

Date published : 2019-03-08

https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf

https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-015-ultravnc-off-by-one-error/

Similar

Tags: Cybersecurity Alert