RealVNC Viewer is prone to a remote code-execution vulnerability because it fails to adequately handle certain encoding types.
An attacker can exploit this issue to execute arbitrary code in the context of the vulnerable process. Failed exploit attempts are likely to result in denial-of-service conditions.
This issue may be related to the vulnerability discussed in BID 30499 (RealVNC 4.1.2 'vncviewer.exe' Remote Denial of Service Vulnerability).
RealVNC 4.1.2 is vulnerable; earlier versions may also be affected.
Read more...
No comments:
Post a Comment