Exodus ensures that each and every discovered vulnerability is relevant, reliable, and well-documented before we disclose the issue to the appropriate vendor for remediation.
EIP-0e1ca3ec A vulnerability exists within UltraVNC’s “vncviewer.exe” client. A malicious server can trigger an arbitrary memory write condition through a flaw in the function ClientConnection::SolidColor
EIP-0e1ca3ec A vulnerability exists within UltraVNC’s “vncviewer.exe” client. Specifically a malicious server may write arbitrary data to arbitrary memory locations through the in the “rfbServerInitMsg”
EIP-930b0ea5 A vulnerability exists within UltraVNC’s “vncviewer.exe” client. Specifically a heap overflow can be triggered in the “ClientConnection::ReadUltraRect” function upon decompression of malicious formatted data
EIP-5182fb5b A vulnerability exists within UltraVNC view due to a lack of proper stack memory buffer cleanup before constructing the ‘rfbTextChat’ message, which results in