UltraVNC revision 1211 has multiple improper null termination vulnerabilities in VNC server code, which result in out-of-bound data being accessed by remote users. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1212.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HSiemens Sinumerik Access Mymachine\/p2p
APPSiemens< 4.8Siemens Sinumerik Pcu Base Win10 Software\/ipc
APPSiemens< 14.00Siemens Sinumerik Pcu Base Win7 Software\/ipc
APPSiemens≤ 12.01Uvnc Ultravnc
APPUvnc< 1.2.2.3
Related vulnerabilities
UltraVNC repeater through 1.8.2.2 initializes the HTTP administration server with a hardcoded default password...
UltraVNC revision 1206 has multiple off-by-one vulnerabilities in VNC client code connected with improper usag...
UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside Ultra2 decoder, which can p...
UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper usage of SETP...
UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper usage of Clie...