Home

CVE-2019-8261

Description

UltraVNC revision 1199 has a out-of-bounds read vulnerability in VNC code inside client CoRRE decoder, caused by multiplication overflow. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1200.

Risk Information

Base Score
9.8
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.985

Associated Vulnerability

VulnerabilityOS Platform
Multiple Vulnerabilities are affected in UltraVNC (MSI) (x64) 1.2.2.2Windows
Multiple Vulnerabilities are affected in UltraVNC (MSI) 1.2.2.2Windows
Multiple Vulnerabilities are affected in UltraVNC (x64) 1.2.2.2Windows
Multiple Vulnerabilities are affected in UltraVNC (x86) 1.2.2.2Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-349101UltraVNC (x64) (1.6.4.0)
PATCH-349100UltraVNC (1.6.4.0)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234