RealVNC 4.1.2 'vncviewer.exe' Remote Denial of Service Vulnerability
BID:30499
Info
RealVNC 4.1.2 'vncviewer.exe' Remote Denial of Service Vulnerability
| Bugtraq ID: | 30499 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2008-3493 |
| Remote: | Yes |
| Local: | No |
| Published: | Aug 01 2008 12:00AM |
| Updated: | May 07 2015 05:25PM |
| Credit: | beford |
| Vulnerable: |
RealVNC RealVNC 4.1.2 |
| Not Vulnerable: | |
Discussion
RealVNC 4.1.2 'vncviewer.exe' Remote Denial of Service Vulnerability
RealVNC Viewer is prone to a remote denial-of-service vulnerability because the application fails to perform adequate boundary checks on user-supplied data.
An attacker can exploit this issue to crash the affected application, denying service to legitimate users. Given the nature of this issue, the attacker may also be able to execute arbitrary code, but this has not been confirmed.
RealVNC 4.1.2 is vulnerable; other versions may also be affected.
RealVNC Viewer is prone to a remote denial-of-service vulnerability because the application fails to perform adequate boundary checks on user-supplied data.
An attacker can exploit this issue to crash the affected application, denying service to legitimate users. Given the nature of this issue, the attacker may also be able to execute arbitrary code, but this has not been confirmed.
RealVNC 4.1.2 is vulnerable; other versions may also be affected.
Exploit / POC
RealVNC 4.1.2 'vncviewer.exe' Remote Denial of Service Vulnerability
The following exploits are available:
The following exploits are available:
Solution / Fix
RealVNC 4.1.2 'vncviewer.exe' Remote Denial of Service Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
RealVNC 4.1.2 'vncviewer.exe' Remote Denial of Service Vulnerability
References:
References:
- RealVNC Homepage (RealVNC)