First published: Fri Mar 01 2019(Updated: )
UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper usage of SETPIXELS macro in VNC client code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1208.
Credit: vulnerability@kaspersky.com
Affected Software | Affected Version | How to fix |
---|---|---|
Uvnc Ultravnc | <1.2.2.3 | |
Siemens Sinamics Gh150 | ||
Siemens Sinamics Sh150 | ||
Siemens Sinamics Sl150 | ||
Siemens Sinamics Sm120 | ||
Siemens Sinamics Sm150 | ||
Siemens SINAMICS SM150i | ||
Siemens SIMATIC HMI Comfort Outdoor Panels 7’ and 15’ (incl. SIPLUS variants) Update 4 | <16 | 16 |
Siemens SIMATIC HMI Comfort Panels 4’to 22’ (incl. SIPLUS variants) Update 4 | <16 | 16 |
Siemens SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900, and KTP900F Update 4 | <16 | 16 |
Siemens SIMATIC WinCC Runtime Advanced Update 4 | <16 | 16 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.