CVE-2002-0971 — MEDIUM (4.6)

Q: How severe is CVE-2002-0971?

CVE-2002-0971 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2002-0971?

Check the references section above for vendor advisories and patch information. Affected products include: Att Winvnc Server, Tightvnc Tightvnc, Tridia Tridiavnc.

Vulnerability Description

Vulnerability in VNC, TightVNC, and TridiaVNC allows local users to execute arbitrary code as LocalSystem by using the Win32 Messaging System to bypass the VNC GUI and access the "Add new clients" dialogue box.

CVSS Score

4.6

MEDIUM

AV:L/AC:L/Au:N/C:P/I:P/A:P

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Affected Products

Vendor	Product	Versions
Att	Winvnc Server	<= 3.3.3_r9
Tightvnc	Tightvnc	1.2.0
Tridia	Tridiavnc	1.5

References

FAQ

What is CVE-2002-0971?

CVE-2002-0971 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Vulnerability in VNC, TightVNC, and TridiaVNC allows local users to execute arbitrary code as LocalSystem by using the Win32 Messaging System to bypass the VNC GUI and access the "Add new clients" dia...

How severe is CVE-2002-0971?

CVE-2002-0971 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2002-0971?

Check the references section above for vendor advisories and patch information. Affected products include: Att Winvnc Server, Tightvnc Tightvnc, Tridia Tridiavnc.