UltraVNC ClientConnection integer overflow

Added: 02/20/2009
CVE: CVE-2009-0388
BID: 33568

Background

UltraVNC is free software for remote desktop access.

Problem

Multiple integer overflow vulnerabilities in the ClientConnection class allow command execution when a user connects to a VNC server which sends a message with a large length value.

Resolution

Upgrade to UltraVNC Viewer 1.0.5.4 or higher.

References

http://www.securityfocus.com/archive/1/500632

Limitations

Exploit works on UltraVNC 1.0.5.3 and requires a user to connect to the exploit server.

Due to the nature of the vulnerability, the success of this exploit may depend on the state of the target system.

Platforms

Windows

Back to exploit index