{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-21T00:52:34.393","vulnerabilities":[{"cve":{"id":"CVE-2019-8260","sourceIdentifier":"vulnerability@kaspersky.com","published":"2019-03-05T15:29:00.397","lastModified":"2024-11-21T04:49:35.803","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"UltraVNC revision 1199 has a out-of-bounds read vulnerability in VNC client RRE decoder code, caused by multiplication overflow. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1200."},{"lang":"es","value":"UltraVNC, en su revisión 1198, contiene una vulnerabilidad de lectura fuera de límites en el código del decodificador RRE del cliente VNC, provocado por el desbordamiento de multiplicaciones. Este ataque parece ser explotable mediante la conectividad de red. Esto se ha solucionado en la revisión 1200."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"vulnerability@kaspersky.com","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:uvnc:ultravnc:*:*:*:*:*:*:*:*","versionEndExcluding":"1.2.2.3","matchCriteriaId":"555D034F-3D64-4ED1-9B63-F8D59199E99C"}]}]}],"references":[{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf","source":"vulnerability@kaspersky.com"},{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf","source":"vulnerability@kaspersky.com"},{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf","source":"vulnerability@kaspersky.com"},{"url":"https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-006-ultravnc-out-of-bound-read/","source":"vulnerability@kaspersky.com","tags":["Third Party Advisory"]},{"url":"https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11","source":"vulnerability@kaspersky.com"},{"url":"https://www.us-cert.gov/ics/advisories/icsa-20-161-06","source":"vulnerability@kaspersky.com"},{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-006-ultravnc-out-of-bound-read/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.us-cert.gov/ics/advisories/icsa-20-161-06","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}