Release DateJun 24, 2010 |
Severityhigh |
ImpactSystem compromise: Remote attackers can gain control of vulnerable systems.Denial of service |
DescriptionThis indicates an attack attempt against a memory-corruption vulnerability in RealVNC VNC Server.The vulnerability is caused by an error when the vulnerable software handles a specially crafted ClientCutText VNC command. It allows a remote attacker to execute arbitrary code. |
Affected ProductsRealVNC RealVNC 4.1.3 |
Recommended ActionsUpgrade to the latest versions:http://www.realvnc.com/ |
Coverage IPS
VCM |
Reference/shttp://www.securityfocus.com/bid/39895 (BugTraq) |
