KLA10364
ACE vulnerability in UltraVNC & TightVNC
Updated: 11/15/2018
Detect date
?
02/04/2009
Severity
?
Critical
Description

Integer signing errors were found in UltraVNC & TightVNC. By exploiting this vulnerability malicious users can cause denial of service or possibly execute arbitrary code. This vulnerability can be exploited remotely via a specially designed message.

Affected products

UltraVNC versions 1.0.2 and 1.0.5
TightVNC version 1.3.9

Solution

Update to latest version
UltraVNC
TightVNC

Impacts
?
ACE 
[?]

DoS 
[?]
Related products
UltraVNC
TightVNC Viewer
TightVNC Server
CVE-IDS
?

CVE-2009-0388