What the vulnerability does

01Description

UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC server code inside file transfer request handler, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1212.

Key dates

02Disclosure timeline

March 9, 2019 CVE published
September 16, 2024 Record updated