admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2019/CVE-2019-82xx/CVE-2019-8261.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

135 lines
4.0 KiB
JSON
Raw Blame History

{
"id": "CVE-2019-8261",
"sourceIdentifier": "vulnerability@kaspersky.com",
"published": "2019-03-05T15:29:00.443",
"lastModified": "2021-06-28T12:15:08.237",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "UltraVNC revision 1199 has a out-of-bounds read vulnerability in VNC code inside client CoRRE decoder, caused by multiplication overflow. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1200."
},
{
"lang": "es",
"value": "UltraVNC, en su revisi\u00f3n 1199, contiene una vulnerabilidad de lectura fuera de l\u00edmites en el c\u00f3digo VNC dentro del decodificador del cliente CoRRE, provocado por el desbordamiento de multiplicaciones. Este ataque parece ser explotable mediante la conectividad de red. Esto se ha solucionado en la revisi\u00f3n 1200."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
},
{
"source": "vulnerability@kaspersky.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:uvnc:ultravnc:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.2.2.3",
"matchCriteriaId": "555D034F-3D64-4ED1-9B63-F8D59199E99C"
}
]
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf",
"source": "vulnerability@kaspersky.com"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf",
"source": "vulnerability@kaspersky.com"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf",
"source": "vulnerability@kaspersky.com"
},
{
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-007-ultravnc-out-of-bound-read/",
"source": "vulnerability@kaspersky.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11",
"source": "vulnerability@kaspersky.com"
},
{
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06",
"source": "vulnerability@kaspersky.com"
}
]
}
Reference in New Issue View Git Blame Copy Permalink