Multiple VNC Clients Multiple Integer Overflow Vulnerabilities

Bugtraq ID: 33568
Class: Boundary Condition Error
CVE: CVE-2009-0388
Remote: Yes
Local: No
Published: Feb 03 2009 12:00AM
Updated: Dec 02 2009 06:54PM
Credit: Ariel Futoransky, Fernando Russ and Alfredo Ortega from Core Security Technologies
Vulnerable: UltraVNC UltraVNC 1.0.2
UltraVNC UltraVNC 104 RC8
UltraVNC UltraVNC 104 RC7
UltraVNC UltraVNC 104 RC6
UltraVNC UltraVNC 1.0.8.2
TightVNC TightVNC 1.3.9
TightVNC TightVNC 1.2.9
TightVNC TightVNC 1.2.7
TightVNC TightVNC 1.2.6
TightVNC TightVNC 1.2.5
+ Mandriva Linux Mandrake 9.0
TightVNC TightVNC 1.2.4
TightVNC TightVNC 1.2.3
TightVNC TightVNC 1.2.2
TightVNC TightVNC 1.2.1
TightVNC TightVNC 1.2 .0
Nortel Networks Self-Service Speech Server 0
Nortel Networks Self-Service Peri Application 0
Nortel Networks Self-Service MPS 500 0
Nortel Networks Self-Service MPS 1000 0
Nortel Networks Self-Service Media Processing Server 0
Avaya Labs Libsafe 1.2.5
Avaya Labs Libsafe 1.2.4
Avaya Labs Libsafe 1.2.3
Avaya Labs Libsafe 1.2.2
Not Vulnerable: UltraVNC UltraVNC 1.0.5 .4
TightVNC TightVNC 1.3.10


 

Privacy Statement
Copyright 2010, SecurityFocus