What is CVE-2001-0167?

CVE-2001-0167 is a vulnerability in N/a. Published 2001-03-09.

Is CVE-2001-0167 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2001-0167

Buffer overflow in AT&T WinVNC (Virtual Network Computing) client 3.3.3r7 and earlier allows remote attackers to execute arbitrary commands via a long rfbConnFailed packet with a long reason string.

EPSS: 0.654 (98.5th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

rapid7/metasploit-framework
ARPSyndicate/cve-scores

References

winvnc-client-bo(6025) (vdb-entry, x_refsource_XF)
2305 (vdb-entry, x_refsource_BID)
20010129 [CORE SDI ADVISORY] WinVNC client buffer overflow (mailing-list, x_refsource_BUGTRAQ)

Frequently asked questions

What is CVE-2001-0167?: CVE-2001-0167 is a vulnerability in N/a. Published 2001-03-09.
Is CVE-2001-0167 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.