CVE-2019-8262

Beschreibung:
UltraVNC revision 1203 has multiple heap buffer overflow vulnerabilities in VNC client code inside Ultra decoder, which results in code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1204.

CWE: CWE-787 CWE-787

CVSS-Bewertung
CVSS 2: HIGH – 7.5 (Version: 2.0)
CVSS 3: CRITICAL – 9.8 (Version: 3.1)

Links:

NVD – CVE-2019-8262
CVE – CVE-2019-8262

Link (max. 20) Quelle Tags
https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-008-ultravnc-heap-based-buffer-overflow/ MISC Third Party Advisory Vendor Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf CONFIRM Third Party Advisory Third Party Advisory Third Party Advisory
https://www.us-cert.gov/ics/advisories/icsa-20-161-06 MISC Third Party Advisory US Government Resource
https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf CONFIRM Third Party Advisory US Government Resource VDB Entry
https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf CONFIRM Patch Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf CONFIRM Patch Third Party Advisory
DSA-4456 DEBIAN Mailing List Third Party Advisory
20190605 [SECURITY] [DSA 4456-1] exim4 security update BUGTRAQ Mailing List Third Party Advisory
GLSA-201906-01 GENTOO
[oss-security] 20190606 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit MLIST
108679 BID
openSUSE-SU-2019:1524 SUSE
http://packetstormsecurity.com/files/153218/Exim-4.9.1-Remote-Command-Execution.html MISC
20190611 The Return of the WIZard: RCE in Exim (CVE-2019-10149) FULLDISC
http://packetstormsecurity.com/files/153312/Exim-4.91-Local-Privilege-Escalation.html MISC
[oss-security] 20190725 Re: Statistics for distros lists updated for 2019Q2 MLIST
[oss-security] 20190725 Re: Statistics for distros lists updated for 2019Q2 MLIST
[oss-security] 20190726 Re: Statistics for distros lists updated for 2019Q2 MLIST
http://packetstormsecurity.com/files/154198/Exim-4.91-Local-Privilege-Escalation.html MISC
[oss-security] 20210504 21Nails: Multiple vulnerabilities in Exim MLIST

Quelle: NVD – CVE-2019-8262
Datum Veröffentlichung: 2019-03-05T15:29Z, Datum letzte Änderung: 2021-05-11T13:15Z