First published: Tue Mar 05 2019(Updated: )
UltraVNC revision 1203 has multiple heap buffer overflow vulnerabilities in VNC client code inside Ultra decoder, which results in code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1204.
Credit: vulnerability@kaspersky.com
Affected Software | Affected Version | How to fix |
---|---|---|
Uvnc Ultravnc | <1.2.2.3 | |
Siemens Sinumerik Access Mymachine\/p2p | <4.8 | |
Siemens Sinumerik Pcu Base Win10 Software\/ipc | <14.00 | |
Siemens Sinumerik Pcu Base Win7 Software\/ipc | <=12.01 | |
Siemens Sinamics Gh150 | ||
Siemens Sinamics Sh150 | ||
Siemens Sinamics Sl150 | ||
Siemens Sinamics Sm120 | ||
Siemens Sinamics Sm150 | ||
Siemens SINAMICS SM150i | ||
Siemens SIMATIC HMI Comfort Outdoor Panels 7’ and 15’ (incl. SIPLUS variants) Update 4 | <16 | 16 |
Siemens SIMATIC HMI Comfort Panels 4’to 22’ (incl. SIPLUS variants) Update 4 | <16 | 16 |
Siemens SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900, and KTP900F Update 4 | <16 | 16 |
Siemens SIMATIC WinCC Runtime Advanced Update 4 | <16 | 16 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.