Unrated severityNVD Advisory· Published Apr 6, 2006· Updated Apr 16, 2026
CVE-2006-1652
CVE-2006-1652
Description
Multiple buffer overflows in (a) UltraVNC (aka Ultr@VNC) 1.0.1 and earlier and (b) tabbed_viewer 1.29 (1) allow user-assisted remote attackers to execute arbitrary code via a malicious server that sends a long string to a client that connects on TCP port 5900, which triggers an overflow in Log::ReallyPrint; and (2) allow remote attackers to cause a denial of service (server crash) via a long HTTP GET request to TCP port 5800, which triggers an overflow in VNCLog::ReallyPrint.
Affected products
2- cpe:2.3:a:ultravnc:tabbed_viewer:1.29:*:*:*:*:*:*:*
- cpe:2.3:a:ultravnc:vnc_viewer:1.0.1:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
12- www.securityfocus.com/bid/17378nvdExploit
- secunia.com/advisories/19513nvdVendor Advisory
- www.vupen.com/english/advisories/2006/1240nvdVendor Advisory
- lists.grok.org.uk/pipermail/full-disclosure/2006-April/044901.htmlnvd
- securityreason.com/securityalert/674nvd
- www.securityfocus.com/archive/1/429930/100/0/threadednvd
- www.securityfocus.com/archive/1/430287/100/0/threadednvd
- www.securityfocus.com/archive/1/430711/100/0/threadednvd
- exchange.xforce.ibmcloud.com/vulnerabilities/25648nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/25650nvd
- www.exploit-db.com/exploits/1642nvd
- www.exploit-db.com/exploits/1643nvd
News mentions
0No linked articles in our index yet.