CVE-2008-0610

Stack-based buffer overflow in the ClientConnection::NegotiateProtocolVersion function in vncviewer/ClientConnection.cpp in vncviewer for UltraVNC 1.0.2 and 1.0.4 before 01252008, when in LISTENING mode or when using the DSM plugin, allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a modified size value.
Severity
UNKNOWN
AV:N/AC:M/Au:N/C:C/I:C/A:C
Atk. Vector
NETWORK
Atk. Complexity
MEDIUM
Base Score
CVSS 3.x
EPSS Score
Percentile: 99%
VendorProductVersion
ultravncultravnc
1.0.2
ultravncultravnc
1.0.4
ultravncultravnc
1.0.4_rc6
ultravncultravnc
1.0.4_rc7
ultravncultravnc
1.0.4_rc8
𝑥
= Vulnerable software versions