PT-2019-4940 · Ultravnc · Ultravnc
Published 2019-03-05 · Updated 2020-06-12 · CVE-2019-8266
CVSS v3.1: 10 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
UltraVNC revision 1207
Description
The issue is related to improper usage of the ClientConnection::Copybuffer function in the VNC client code, which can result in out-of-bounds access and potentially allow code execution. This can be exploited via network connectivity, and user interaction is required to trigger the issue. The exploitation of this vulnerability may allow a remote attacker to execute arbitrary code.
Recommendations
For UltraVNC revision 1207, update to revision 1208 to resolve the issue. As a temporary workaround, consider restricting network connectivity to minimize the risk of exploitation until the update can be applied.
Fix
Access of Memory Location After End of Buffer
Memory Corruption
Out of bounds Read
Related Identifiers
Affected Products
Ultravnc