CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2008-4770

The CMsgReader::readRect function in the VNC Viewer component in RealVNC VNC Free Edition 4.0 through 4.1.2, Enterprise Edition E4.0 through E4.4.2, and Personal Edition P4.0 through P4.4.2 allows remote VNC servers to execute arbitrary code via crafted RFB protocol data, related to "encoding type."

Exploit prediction scoring system (EPSS) score

EPSS Score 0.058

EPSS Ranking 90.1%

CVSS Severity

CVSS v2 Score 10.0

References

http://secunia.com/advisories/32317
http://secunia.com/advisories/33689
http://secunia.com/advisories/34184
http://sunsolve.sun.com/search/document.do?assetkey=1-21-140455-01-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-248526-1
http://www.gentoo.org/security/en/glsa/glsa-200903-17.xml
http://www.realvnc.com/pipermail/vnc-list/2008-November/059432.html
http://www.realvnc.com/products/free/4.1/release-notes.html
http://www.realvnc.com/products/upgrade.html
http://www.redhat.com/support/errata/RHSA-2009-0261.html
http://www.securityfocus.com/bid/31832
http://www.securityfocus.com/bid/33263
http://www.vupen.com/english/advisories/2008/2868
https://exchange.xforce.ibmcloud.com/vulnerabilities/45969
https://exchange.xforce.ibmcloud.com/vulnerabilities/47937
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9367
https://www.redhat.com/archives/fedora-package-announce/2009-January/msg01025.html
http://secunia.com/advisories/32317
http://secunia.com/advisories/33689
http://secunia.com/advisories/34184
http://sunsolve.sun.com/search/document.do?assetkey=1-21-140455-01-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-248526-1
http://www.gentoo.org/security/en/glsa/glsa-200903-17.xml
http://www.realvnc.com/pipermail/vnc-list/2008-November/059432.html
http://www.realvnc.com/products/free/4.1/release-notes.html
http://www.realvnc.com/products/upgrade.html
http://www.redhat.com/support/errata/RHSA-2009-0261.html
http://www.securityfocus.com/bid/31832
http://www.securityfocus.com/bid/33263
http://www.vupen.com/english/advisories/2008/2868
https://exchange.xforce.ibmcloud.com/vulnerabilities/45969
https://exchange.xforce.ibmcloud.com/vulnerabilities/47937
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9367
https://www.redhat.com/archives/fedora-package-announce/2009-January/msg01025.html

Products affected by CVE-2008-4770

Realvnc » Realvnc » Version: 4.0

cpe:2.3:a:realvnc:realvnc:4.0
Realvnc » Realvnc » Version: 4.1.2

cpe:2.3:a:realvnc:realvnc:4.1.2
Realvnc » Realvnc » Version: 4.4.2

cpe:2.3:a:realvnc:realvnc:4.4.2
Realvnc » Realvnc » Version: e4.0

cpe:2.3:a:realvnc:realvnc:e4.0
Realvnc » Realvnc » Version: p4.0

cpe:2.3:a:realvnc:realvnc:p4.0
Realvnc » Realvnc » Version: p4.4.2

cpe:2.3:a:realvnc:realvnc:p4.4.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-4770

Products

Pricing

Contact Us