
Nortel Response to Multiple Integer Overflow Vulnerabilities in Multiple VNC Clients

Description:

Multiple VNC clients are prone to integer-overflow vulnerabilities because they fail to properly validate data supplied by the VNC server. An attacker can exploit these issues to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in denial-of-service conditions.

Some Nortel products contain this software as a component and thus are potentially affected. This bulletin provides a multi-product consolidated response for the Nortel products which are potentially affected.

The following are vulnerable to these issues; other VNC applications may also be affected:
- UltraVNC prior to 1.0.5.4
- TightVNC prior to 1.3.10

This bulletin addresses the following CVE:
- CVE-2009-0388 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0388): Multiple integer signedness errors in (1) UltraVNC 1.0.2 and 1.0.5 and (2) TightVnc 1.3.9 allow remote VNC servers to cause a denial of service (heap corruption and application crash) or possibly execute arbitrary code via a large length value in a message, related to the (a) ClientConnection::CheckBufferSize and (b) ClientConnection::CheckFileZipBufferSize functions in ClientConnection.cpp.

Before taking any action please ensure that you are viewing the latest official version of this security advisory by referencing http://www.nortel.com/securityadvisories
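The CVE text above describes a signedness error in a buffer-size check: a length taken from the server is compared as a signed integer, so a large 32-bit value with the top bit set is negative, passes the "does it fit?" test, and is then used as an unsigned size. The following is an added, constructed illustration of that bug class and of a bounded check beside it; it is not UltraVNC or TightVNC source, and the names (struct conn, check_buffer_size_signed, check_buffer_size_bounded, recv_message, MAX_MESSAGE_LEN) and the 4-byte length-prefixed message format are hypothetical.

```c
/* Constructed illustration of an integer-signedness error in a buffer-size
 * check, and a bounded replacement. Not VNC client code; all names are
 * hypothetical. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed upper bound for a single message; a real client would derive
 * this from the protocol's maximum payload. */
#define MAX_MESSAGE_LEN (16u * 1024u * 1024u)

struct conn {
    unsigned char *buf;  /* receive buffer */
    size_t bufsize;      /* current allocation of buf */
};

/* Vulnerable pattern: the wire length is handled as a signed int.  A value
 * with the top bit set is negative, so it is never "larger than bufsize",
 * the check succeeds without growing the buffer, and a later copy that
 * converts the same value to size_t writes far past the allocation. */
static bool check_buffer_size_signed(struct conn *c, int needed)
{
    if (needed <= (int)c->bufsize)
        return true;                       /* "fits" - wrong for needed < 0 */
    unsigned char *p = realloc(c->buf, (size_t)needed);
    if (!p)
        return false;
    c->buf = p;
    c->bufsize = (size_t)needed;
    return true;
}

/* Hardened pattern: treat the wire value as unsigned and bound it before it
 * influences any allocation or copy. */
static bool check_buffer_size_bounded(struct conn *c, uint32_t needed)
{
    if (needed > MAX_MESSAGE_LEN)
        return false;                      /* reject oversized lengths up front */
    if (needed <= c->bufsize)
        return true;
    unsigned char *p = realloc(c->buf, needed);
    if (!p)
        return false;
    c->buf = p;
    c->bufsize = needed;
    return true;
}

/* Parses one constructed message (4-byte big-endian length, then payload)
 * using the bounded check.  Returns the payload length, or -1 if the message
 * is rejected.  The copy length is also capped by the bytes actually present,
 * so a truncated message cannot cause an over-read. */
static long recv_message(struct conn *c, const unsigned char *wire, size_t wire_len)
{
    if (wire_len < 4)
        return -1;
    uint32_t len = ((uint32_t)wire[0] << 24) | ((uint32_t)wire[1] << 16) |
                   ((uint32_t)wire[2] << 8)  |  (uint32_t)wire[3];
    if (!check_buffer_size_bounded(c, len))
        return -1;
    if (len > wire_len - 4)
        return -1;
    memcpy(c->buf, wire + 4, len);
    return (long)len;
}

/* Returns 1 if the signed check accepts a negative length while leaving the
 * 64-byte buffer untouched: the precondition for heap corruption. */
static int demo_signed_check_accepts_negative(void)
{
    struct conn c = { malloc(64), 64 };
    bool ok = check_buffer_size_signed(&c, -1);   /* 0xFFFFFFFF on the wire */
    int result = (ok && c.bufsize == 64) ? 1 : 0;
    free(c.buf);
    return result;
}

/* Returns 1 if the bounded check rejects both 0xFFFFFFFF and 0x80000000. */
static int demo_bounded_check_rejects_large(void)
{
    struct conn c = { malloc(64), 64 };
    int result = (!check_buffer_size_bounded(&c, 0xFFFFFFFFu) &&
                  !check_buffer_size_bounded(&c, 0x80000000u)) ? 1 : 0;
    free(c.buf);
    return result;
}

/* Parses a constructed well-formed 5-byte payload; expected result is 5. */
static long demo_parse_valid_message(void)
{
    static const unsigned char wire[] = { 0, 0, 0, 5, 'h', 'e', 'l', 'l', 'o' };
    struct conn c = { malloc(64), 64 };
    long n = recv_message(&c, wire, sizeof wire);
    free(c.buf);
    return n;
}

/* Parses a constructed message whose header claims 256 bytes but carries 1;
 * expected result is -1. */
static long demo_parse_truncated_message(void)
{
    static const unsigned char wire[] = { 0, 0, 1, 0, 'a' };
    struct conn c = { malloc(64), 64 };
    long n = recv_message(&c, wire, sizeof wire);
    free(c.buf);
    return n;
}

int main(void)
{
    printf("signed check accepts negative length: %d\n", demo_signed_check_accepts_negative());
    printf("bounded check rejects large lengths:  %d\n", demo_bounded_check_rejects_large());
    printf("valid message payload length:         %ld\n", demo_parse_valid_message());
    printf("truncated message result:             %ld\n", demo_parse_truncated_message());
    return 0;
}
```

The point of the two checks side by side is the type of the length parameter: once the wire value is held as uint32_t and compared against an explicit maximum before any realloc or memcpy, there is no negative value for the comparison to be fooled by, and the copy length is additionally capped by the bytes actually received.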
Type: Security Advisories
Number: 2009009383, Rev 1
Status: Retired
Date: 2009-09-29


Bulletin Downloads
Title: Nortel Response to Multiple Integer Overflow Vulnerabilities in Multiple VNC Clients
Extension: pdf
File Size: 20224 bytes
Language: English
Checksum: 0ebd650194b71b927e830746c572b316 [MD5]




Associated Products
Application Server 5200
Integrated Access - Cable
Media Processing Server (MPS) 1000
Media Processing Server (MPS) 500
Multimedia Communication Server 5100
Packet Transit - IP
Periphonics Speech Platform
Self-Service Portfolio
Speech and Self-Service
Universal Access - IP
VoIP Infrastructure Solutions