KLA11371
ACE vulnerability in TightVNC
Updated: 06/18/2020
Detect date
?
02/04/2009
Severity
?
Critical
Description

Integer signing errors were found in TightVNC. By exploiting this vulnerability malicious users can cause denial of service or possibly execute arbitrary code. This vulnerability can be exploited remotely via a specially designed message.

Affected products

UltraVNC 1.0.2
UltraVNC 1.0.5
TightVnc 1.3.9

Solution

Update to latest version
TightVNC

Impacts
?
ACE 
[?]

DoS 
[?]
Related products
TightVNC
TightVNC Viewer
TightVNC Server
CVE-IDS
?
CVE-2009-03880.0Unknown
Exploitation

The following public exploits exists for this vulnerability:

https://www.exploit-db.com/exploits/8024

https://www.exploit-db.com/exploits/7990