Multiple VNC Clients Multiple Integer Overflow Vulnerabilities
Multiple VNC clients are prone to integer-overflow vulnerabilities because they fail to properly validate data supplied by the VNC server.
An attacker can exploit these issues to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in denial-of-service conditions.
The following are vulnerable to these issues;
UltraVNC prior to 220.127.116.11
TightVNC prior to 1.3.10
Other VNC applications may also be affected.