CVE-2020-37133

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions UltraVNC Launcher version 1.2.4.0

Description The software contains a denial of service issue in the Repeater Host configuration field. An attacker can cause the application to crash by providing an overly long string, specifically 300 characters, to the Repeater Host property. The vulnerable configuration field is the RepeaterHost property.

Recommendations Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, avoid using or limit the length of input in the RepeaterHost property.

Exploit

Fix

DoS

Stack Overflow

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-121CWE-787

Related Identifiers

CVE-2020-37133

Affected Products

Ultravnc Launcher

CVE-2020-37133

Weakness Enumeration

Related Identifiers

Affected Products

References · 6