CVE-2019-8267 Information
Feb 14, 2021
cve
Description
UltraVNC revision 1207 has out-of-bounds read vulnerability in VNC client code inside TextChat module which results in a denial of service (DoS) condition. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1208.
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Reference
https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-014-ultravnc-out-of-bounds-read/ https://www.us-cert.gov/ics/advisories/icsa-20-161-06
Attack Complexity
LOW
Privileges Required
NONE
User Interaction Required
NONE
Scope
NONE
Confidentiality Impact
UNCHANGED
Integrity Impact
NONE
Availability Impact
NONE
Base Score
HIGH
Base Severity
7.5
Share on: