CVE-2018-15361

CRITICAL

UltraVNC < 1.2.2.3 - Out-of-bounds Write in VNC Client Code

Title source: llm
STIX 2.1

Description

UltraVNC revision 1198 has a buffer underflow vulnerability in VNC client code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1199.

Scores

CVSS v3 9.8
EPSS 0.0288
EPSS Percentile 85.2%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-124 CWE-787
Status published
Products (1)
uvnc/ultravnc < 1.2.2.3
Published Mar 05, 2019
Tracked Since Feb 18, 2026