Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-0388

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2009-0388
Last Modified 07 Mar 2011 10:18:25
Published 04 Feb 2009 02:30:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2009-0388

Summary

Multiple integer signedness errors in (1) UltraVNC 1.0.2 and 1.0.5 and (2) TightVnc 1.3.9 allow remote VNC servers to cause a denial of service (heap corruption and application crash) or possibly execute arbitrary code via a large length value in a message, related to the (a) ClientConnection::CheckBufferSize and (b) ClientConnection::CheckFileZipBufferSize functions in ClientConnection.cpp.

Vulnerable Systems

Application

  • Tightvnc 1.3.9

  • Ultravnc 1.0.2

  • Ultravnc 1.0.5


References

BID - 33568

VUPEN - ADV-2009-0322

VUPEN - ADV-2009-0321

BUGTRAQ - 20090203 CORE-2008-1009 - VNC Multiple Integer Overflows

MILW0RM - 8024

MILW0RM - 7990

MISC - http://www.coresecurity.com/content/vnc-integer-overflows

CONFIRM - http://vnc-tight.svn.sourceforge.net/viewvc/vnc-tight?view=rev&revision=3564

SECUNIA - 33807

CONFIRM - http://forum.ultravnc.info/viewtopic.php?t=14654


Last Updated: 27 May 2016 10:50:14