{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2020-37133","assignerOrgId":"83251b91-4cc7-4094-a5c7-464a1b83ea10","state":"PUBLISHED","assignerShortName":"VulnCheck","dateReserved":"2026-02-03T16:27:45.306Z","datePublished":"2026-02-05T16:13:36.480Z","dateUpdated":"2026-02-05T18:44:22.255Z"},"containers":{"cna":{"providerMetadata":{"orgId":"83251b91-4cc7-4094-a5c7-464a1b83ea10","shortName":"VulnCheck","dateUpdated":"2026-02-05T16:13:36.480Z"},"datePublic":"2020-04-05T00:00:00.000Z","title":"UltraVNC Launcher 1.2.4.0 - 'RepeaterHost' Denial of Service","descriptions":[{"lang":"en","value":"UltraVNC Launcher 1.2.4.0 contains a denial of service vulnerability in the Repeater Host configuration field that allows attackers to crash the application. Attackers can paste an overly long string of 300 characters into the Repeater Host property to trigger an application crash."}],"problemTypes":[{"descriptions":[{"lang":"en","description":"Stack-based Buffer Overflow","cweId":"CWE-121","type":"CWE"}]}],"affected":[{"vendor":"UltraVNC Team","product":"UltraVNC Launcher","versions":[{"version":"1.2.4.0","status":"affected"}]}],"metrics":[{"cvssV4_0":{"Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","Safety":"NOT_DEFINED","attackComplexity":"LOW","attackRequirements":"NONE","attackVector":"LOCAL","baseScore":6.7,"baseSeverity":"MEDIUM","exploitMaturity":"NOT_DEFINED","privilegesRequired":"NONE","providerUrgency":"NOT_DEFINED","subAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","userInteraction":"ACTIVE","valueDensity":"NOT_DEFINED","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N","version":"4.0","vulnAvailabilityImpact":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","vulnerabilityResponseEffort":"NOT_DEFINED"},"format":"CVSS"},{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":7.5,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","version":"3.1"},"format":"CVSS"}],"references":[{"url":"https://www.exploit-db.com/exploits/48288","name":"ExploitDB-48288","tags":["exploit"]},{"url":"https://www.uvnc.com/","name":"UltraVNC Official Homepage","tags":["product"]},{"name":"VulnCheck Advisory: UltraVNC Launcher 1.2.4.0 - 'RepeaterHost' Denial of Service","tags":["third-party-advisory"],"url":"https://www.vulncheck.com/advisories/ultravnc-launcher-repeaterhost-denial-of-service"}],"credits":[{"lang":"en","value":"chuyreds","type":"finder"}],"x_generator":{"engine":"vulncheck"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2026-02-05T18:44:16.309495Z","id":"CVE-2020-37133","options":[{"Exploitation":"poc"},{"Automatable":"yes"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-02-05T18:44:22.255Z"}}]}}