Important Information
There has been a serious integer overflow vulnerability found in the UltraVNC viewer with versions 1.0.5.3 and earlier. There is more information about this vulnerability at Core Security.
Notice that this is for the viewer only. The server is not affected by this bug.
Solution
The easiest way to upgrade the viewer is to upgrade to the latest release of VENM Console. This version uses the patched viewer and is safe.
Alternatively, you can manually update your vncviewer.exe by performing the following steps:
- Download the zipped viewer here
- Unzip the vncviewer.exe into the following places:
- “C:Program FilesBozteckVNCScan Console .Net”
- “C:fastpushvnc7ultra”
Thank You,
Steve Bostedor
Bozteck VENM Support
http://www.vncscan.com