CVE-2008-5001

UltraVNC 1.0.2 and 1.0.4 - Stack-Based Buffer Overflow in FileTransfer.cpp

Title source: llm
STIX 2.1

Description

Multiple stack-based buffer overflows in multiple functions in vncviewer/FileTransfer.cpp in vncviewer for UltraVNC 1.0.2 and 1.0.4 before 01252008, when in LISTENING mode or when using the DSM plugin, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified parameters, a different issue than CVE-2008-0610.

References (6)

Core 6
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/27687
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2008/0486
Vendor Advisory x_refsource_confirm
http://forum.ultravnc.info/viewtopic.php?p=45150#45150
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/28804

Scores

EPSS 0.0559
EPSS Percentile 92.0%

Details

CWE
CWE-119
Status published
Products (2)
ultravnc/ultravnc 1.0.2
ultravnc/ultravnc 1.0.4
Published Nov 10, 2008
Tracked Since Feb 18, 2026