CVE-2019-25600— UltraVNC Viewer 1.2.2.4 Denial of Service via Buffer Overflow

UltraVNC Viewer 1.2.2.4 Denial of Service via Buffer Overflow

UltraVNC Viewer 1.2.2.4 contains a denial of service vulnerability that allows attackers to crash the application by supplying an oversized string to the VNC Server input field. Attackers can paste a malicious string containing 256 repeated characters into the VNC Server field and click Connect to trigger a buffer overflow that crashes the viewer.

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

跨界内存写

UltraVNC Viewer 缓冲区错误漏洞

UltraVNC Viewer是UltraVNC公司的一个远程桌面客户端。 UltraVNC Viewer 1.2.2.4版本存在缓冲区错误漏洞，该漏洞源于VNC Server输入字段存在拒绝服务，可能导致攻击者通过提供超大字符串使应用程序崩溃。

N/A

N/A