RealVNC 4.1.2 'vncviewer.exe' RFB Protocol Remote Code Execution Vulnerability

Bugtraq ID: 33263
Class: Input Validation Error
CVE: CVE-2008-4770
Remote: Yes
Local: No
Published: Nov 25 2008 12:00AM
Updated: Mar 09 2009 11:06PM
Credit: Benjamin Bennett of the Pittsburgh Supercomputing Center
Vulnerable: Sun Solaris 10.0_x86
Sun Solaris 10.0
Sun OpenSolaris build snv_96
Sun OpenSolaris build snv_95
Sun OpenSolaris build snv_92
Sun OpenSolaris build snv_91
Sun OpenSolaris build snv_90
Sun OpenSolaris build snv_89
Sun OpenSolaris build snv_88
Sun OpenSolaris build snv_87
Sun OpenSolaris build snv_85
Sun OpenSolaris build snv_84
Sun OpenSolaris build snv_83
Sun OpenSolaris build snv_82
Sun OpenSolaris build snv_80
Sun OpenSolaris build snv_78
Sun OpenSolaris build snv_104
Sun OpenSolaris build snv_103
Sun OpenSolaris build snv_102
Sun OpenSolaris build snv_101
Sun OpenSolaris build snv_100
RedHat Enterprise Linux WS 4
RedHat Enterprise Linux WS 3
RedHat Enterprise Linux ES 4
RedHat Enterprise Linux ES 3
RedHat Enterprise Linux Desktop version 4
RedHat Desktop 3.0
Red Hat Fedora 9
Red Hat Enterprise Linux Desktop 5 client
Red Hat Enterprise Linux AS 4
Red Hat Enterprise Linux AS 3
Red Hat Enterprise Linux 5 Server
RealVNC RealVNC Free Edition 4.1.2
RealVNC RealVNC 4.1.2
Nortel Networks Self-Service Peri Workstation 0
Nortel Networks Self-Service Peri Application 0
Nortel Networks Self-Service MPS 1000 0
Nortel Networks Self-Service - CCSS7 0
Gentoo Linux
Debian Linux 4.0 sparc
Debian Linux 4.0 s/390
Debian Linux 4.0 powerpc
Debian Linux 4.0 mipsel
Debian Linux 4.0 mips
Debian Linux 4.0 m68k
Debian Linux 4.0 ia-64
Debian Linux 4.0 ia-32
Debian Linux 4.0 hppa
Debian Linux 4.0 arm
Debian Linux 4.0 amd64
Debian Linux 4.0 alpha
Debian Linux 4.0
Not Vulnerable: RealVNC RealVNC Free Edition 4.1.3
RealVNC RealVNC 4.1.3


 

Privacy Statement
Copyright 2010, SecurityFocus