CVE-2009-0388

Name of the Vulnerable Software and Affected Versions UltraVNC versions 1.0.2 through 1.0.5 TightVnc version 1.3.9

Description The issue is related to multiple integer signedness errors that can be exploited by remote VNC servers. This can lead to a denial of service, resulting in heap corruption and application crash, or possibly allow the execution of arbitrary code. The errors are related to the ClientConnection::CheckBufferSize and ClientConnection::CheckFileZipBufferSize functions in ClientConnection.cpp. A large length value in a message can trigger this issue.

Recommendations For UltraVNC versions 1.0.2 through 1.0.5, consider disabling the ClientConnection::CheckBufferSize and ClientConnection::CheckFileZipBufferSize functions until a patch is available. For TightVnc version 1.3.9, restrict access to the ClientConnection.cpp module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.