RSS   Vulnerabilities for 'Remote mini control'   RSS

2019-06-07
 
CVE-2019-3957

CWE-125
 

 
Dameware Remote Mini Control version 12.1.0.34 and prior contains an unauthenticated remote buffer over-read due to the server not properly validating RsaSignatureLen during key negotiation, which could crash the application or leak sensitive information.

 
 
CVE-2019-3956

CWE-125
 

 
Dameware Remote Mini Control version 12.1.0.34 and prior contains an unauthenticated remote buffer over-read due to the server not properly validating CltDHPubKeyLen during key negotiation, which could crash the application or leak sensitive information.

 
 
CVE-2019-3955

CWE-119
 

 
Dameware Remote Mini Control version 12.1.0.34 and prior contains a unauthenticated remote heap overflow due to the server not properly validating RsaPubKeyLen during key negotiation. An unauthenticated remote attacker can cause a heap buffer overflow by specifying a large RsaPubKeyLen, which could cause a denial of service.

 

 >>> Vendor: Dameware 3 Products
Mini remote control
Remote support
Remote mini control


Copyright 2024, cxsecurity.com

 

Back to Top