CVE-2019-25600
Received Received - Intake
Buffer Overflow in UltraVNC Viewer 1.2.2.4 Causes DoS

Publication date: 2026-03-22

Last updated on: 2026-03-22

Assigner: VulnCheck

Description
UltraVNC Viewer 1.2.2.4 contains a denial of service vulnerability that allows attackers to crash the application by supplying an oversized string to the VNC Server input field. Attackers can paste a malicious string containing 256 repeated characters into the VNC Server field and click Connect to trigger a buffer overflow that crashes the viewer.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-22
Last Modified
2026-03-22
Generated
2026-06-16
AI Q&A
2026-03-22
EPSS Evaluated
2026-06-14
NVD
CVE-2019-25600
EUVD
EUVD-2019-19942
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
ultravnc viewer 1.2.2.4
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-787 The product writes data past the end, or before the beginning, of the intended buffer.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Compliance Impact

I don't know

Executive Summary

CVE-2019-25600 is a denial of service vulnerability in UltraVNC Viewer version 1.2.2.4 and earlier. It occurs because the application does not properly handle an oversized string input in the VNC Server field, leading to a buffer overflow.

An attacker can exploit this by pasting a malicious string consisting of 256 repeated characters into the VNC Server input field and then clicking Connect. This triggers the buffer overflow, causing the UltraVNC Viewer application to crash.

Impact Analysis

This vulnerability can cause the UltraVNC Viewer application to crash, resulting in a denial of service. This means legitimate users will be unable to use the viewer while it is crashed.

Since the vulnerability is remotely exploitable without privileges but requires user interaction, an attacker could cause disruption by tricking a user into pasting the malicious string and connecting.

The impact is primarily on availability, with no direct impact on confidentiality or integrity.

Detection Guidance

[{'type': 'paragraph', 'content': 'This vulnerability can be detected by attempting to reproduce the crash condition on the UltraVNC Viewer application version 1.2.2.4 or earlier.'}, {'type': 'paragraph', 'content': 'A proof-of-concept method involves creating a string of 256 repeated characters (for example, the character \'A\') and pasting it into the "VNC Server" input field of the UltraVNC Viewer, then clicking Connect. If the application crashes, the vulnerability is present.'}, {'type': 'list_item', 'content': "Create a text file containing 256 repetitions of the character 'A' (hex 0x41)."}, {'type': 'list_item', 'content': 'Copy the contents of this file to the clipboard.'}, {'type': 'list_item', 'content': 'Launch UltraVNC Viewer.'}, {'type': 'list_item', 'content': 'Paste the clipboard content into the "VNC Server" input field.'}, {'type': 'list_item', 'content': 'Click the "Connect" button and observe if the application crashes.'}] [2]

Mitigation Strategies

To mitigate this vulnerability, avoid using UltraVNC Viewer version 1.2.2.4 or earlier until a patch or update is available.

Do not paste or input oversized strings (such as 256 repeated characters) into the VNC Server input field.

If possible, restrict access to UltraVNC Viewer usage to trusted users and networks to reduce the risk of exploitation.

Monitor for updates or patches from the vendor and apply them as soon as they become available.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2019-25600. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart