Patch Viewer 1.0.9

Jun 01, 2010 What's new in Grand Theft Auto IV Patch 1.0.7.0: fixed a bug causing tree leaves to look transparent; fixed a bug that prevented uploading of rendered videos to Social Club when attaching certain music tracks. The example below defines a path that starts at position 150,0 with a line to position 75,200 then from there, a line to 225,200 and finally closing the path back to 150,0.


ultravnc 1209 X86 setup
GNU/GPL 2015-11-03 English Windows 3.24 MB 144,661

Patch Viewer 1.0.9 Update

ultravnc 1209 X64 setup
GNU/GPL 2015-11-03 English Windows 2.82 MB 212,460
ultravnc 1209 ALL bin zip
GNU/GPL 2015-11-03 English Windows 11.91 MB 11,865

MSI: not compatible with w2K and xp

ultravnc 1209 msi x86
GNU/GPL 2015-11-04 English Windows 4.88 MB 5,089

Patch viewer 1.0.9 windows 10
ultravnc 1209 msi x64
GNU/GPL 2015-11-04 English Windows 5.49 MB 7,216
addons win32 1209
GNU/GPL 2015-11-03 English Windows 1.33 MB 4,526

addons x64 1209
GNU/GPL 2015-11-03 English Windows 1.26 MB 5,313

Remark bins: Never extract the exe direct (via iexplorer) from the zip.
If you extract them direct, uac mark the files as unsecure... and winvnc server doesn't work proper.
First save as zip then open via explorer...

Viewer Translations ( rename dll to vnclang.dll)

translations 1180

This dll's translate the gui.
Server:German-Russian-spanish
Viewer:French-Catalan-German-Japanese-Portugueze-Russian-Spanish

See reame.txt

GNU/GPL 2012-11-27 Windows 1.74 MB 43,532

Mirror Driver

Mirror Driver

Mirror driver ( min OS XP, max win7 X64)
Full installer auto download mirror drivers, but if you selected no you can manual install the mirror driver.
Mirror driver can only be installed via the console ( no RDP session)
Vista > open a cmd 'run as admin' and run the install.bat from there ( UAC required)

Commercial license 2011-06-19 Windows 352.8 KB 351,328

SourceCode

ultravnc_1.2.0.9_src
GNU/GPL 2015-11-03 English Windows 8.68 MB 2,345

Changes

**********************************************
* Ultr@VNC - Latest modifications - History

** V1.2.0.9 November 2015

*added XZ encoder (small bandwidth)
*crash fix
*auto mode: better initial settings to avoid coder switch on start
*fix 10 second delay win8 with keyboardhelper
*w8hook embedded
*option Gii encoder adde
*memory leaks
*added tight encoder patch from Turbovnc project
*reconnect timeout in invers mode was increasing on each try, max set to 3 minutes*crashes detected by crashrpt fixed

** V1.2.0.6 June 2015

*fix timeout multiple viewers
*scale server window, also when directx is not available
*fix multiple initial screen sends
*fix win8 and w8hook loop/hung high cpu
*added dpi aware for viewer

** V1.2.0.5 Dec 2014

*add viewer idle timer

*add server id to password box

*server deadlock fixed ( existed already for 2 years)

*server tray install/uninstall/start stop service

*minimize viewer and high cpu

*save plugin options corrected

Patch Viewer 1.0.9

*update uvnc_settings.exe ( added new settings, help pages, service buttons)

*update repeater (could be locked by port scans)

** V1.2.0.4 Nov 2014

-Save config plugin fix
-clipboard deadlock
-allow filetransfer when file is open
-sdtime removed ( performance)
-alt-grf win8 fix

** V1.2.0.3 Aug 2014

SECURITY UPDATE
impact: all pre 1.2.0.3 versions
exploit: localuser (guest) can gain local admin access on win8
** V1.2.0.2
*viewer portable
*you can set a single port java/rfb
*server deadlock fixes for slower connections
*ignore cursor when not in view window ( crashed java viewer)
*fast keyboard input could cause 100% cpu usahe on win8, fixed

** V1.2.0.1 Aug 2014

Patch viewer 1.0.9 windows 10

*service, fix error 1314, server sometimes failed to start desktop part and closed winvnc.
*security: increase timeout after each wrong password to make brute force hacking harder
*color correction 16bit and mirror driver*memory leak with mirror driver fixed in previous fix J
*save setting permission fix
*added support for new repeater with keepalive
*tooltip buffer overrun fix, cause server to fail when sting in systray was to long
( multiple ethernet card. Long hostnames etc…)

**V1.1.9.6 Dec 2013

*auto alpha blending based on OS*zrle deadlock fix
*tight encoding fixed
*show screenbuildup on first run
*server fix bug that crashed iexplorer 8

**V1.1.9.4 Okt 2013

*viewer mod for vmware ( wrong colors)
*update lijpeg-turbo to 1.3.0

**V1.1.9.3 Aug 2013
-Missing screen refresh ( when driver selected but not used)
-Factory reset ( when temp was not writable)

**V1.1.9.2 Aug 2013
-Mirror driver and begative screen coordinates (left secondary desktop)

**V1.1.9.0 May 2013
-fixed change ip detection, sometimes server was disconnected after a few seconds by a false positive
-new installer xp64 wasn’t supported

**V1.1.8.9 April 2013
-Viewer timeout option grayscreen fix
-server leaks fixed

**V1.1.8.8 March 2013
-server crash
-server grayscreen on startup loop fixed

**V1.1.8.7 March 2013
-filetransfer bug fix (x64)

**V1.1.8.6 March 2013
-autoreconnect and auth fail fix
-viewer with option window open fails to close
-viewer messagebox sometimes hidden behind window

**V1.1.8.5 March 2013
deadlock softcursor fixed (viewer)
**V1.1.8.4 March 2013
server
-u2 encode on 16 color display crash
viewer
-fullscreen bar center
-recoonect set by default

**V1.1.8.3 March 2013

-Fix server /NULL crash
-Fix radio button u2 viewer

**V1.1.8.2 March 2013
-fix lock after gray screen

**v1.1.8.2 (March 2013)
-disconnect after gray screen
**v1.1.8 (Nov 2012)
-addad support windows 8
( new capture engine)
-several bug fixes
-better multi monitor support
-new vncpasswd + encryption.
Instead of using the password as part of the encryption, we now check the password insite the encryption by the server. This allow the server to balcklist servers
after x fault password.
WARNING: If using encryption plugin + vncpassword you better upgrade. No protection against Brute force password hacking.
**v1.0.9.6.2 (Feb 2012)
-removed beeps
-Capture alpha-Blending default value.
-Viewer crash fixed
-Grayscale fixed
-msi installers

server
*crash chat x64
*AuthRequired=0, passwd=NULL: Warning message block service
*About x64 say win32
*viewer 1082 and server 1096 with localcursor ( no connect, 100% cpu)
*serversite scaling and multiple viewers, framebuffer size get overwritten
(Scale is now lock when multiple viewers are connected to avoid a
framebuffer change, first connected viewer set scale. Site effect is that
the viewer report the unused, incorrect scale, but at least it doesn't crash anymore)
*-connect ip, passed to winvnc running as service is not remembered for
autoreconnect.
*-stopreconnect
stop the autoreconnect function of the server.
*server mouse moves jump on viewer when screen is idle.
*old plugin zrle crash


viewer
*plugin (SecureVNCPlugin) used by viewer
server without plugin
give incorrect viewer message. And doesn't ask to reject the connection.
*monitor value is saved, but vncviewer read it as bool (true/false)
Only 0/1 are correct imported
*old plugins fail when zrle encoding is used
*old plugins give incorrect info in statusbox
*-autoreconnect timeout, -reconnectcounter number
(available from gui and commandline)
-autoreconnect timeout was incorrect, updated
*old plugin detection
*Messagebox was sometimes displayed on invisable desktop
*auth dll error messages for missing dll's incorrect
*mslogon and no groups, didn't checked admin account for access
*lock /logout screen on exit viewer option blocked shutdown server.

javaviewer
*mslogon fixed
added special build: only one port for javaviewer (rfb port is used for java download and rfb data)

Patch Viewer 1.0.9 Pc

License

Patch Viewer 1.0.9 Mac

GNU GENERAL PUBLIC LICENSE (GPL)

This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
http://www.gnu.org/licenses

Patch Viewer 1.0.9 Free

xrdb.c in xrdb before 1.0.9 in X.Org X11R7.6 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a (1) DHCP or (2) XDMCP message.
Publish Date : 2011-04-08 Last Update Date : 2017-08-16
Scroll To Comments External Links

- CVSS Scores & Vulnerability Types

CVSS Score
Confidentiality ImpactComplete(There is total information disclosure, resulting in all system files being revealed.)
Integrity ImpactComplete(There is a total compromise of system integrity. There is a complete loss of system protection, resulting in the entire system being compromised.)
Availability ImpactComplete(There is a total shutdown of the affected resource. The attacker can render the resource completely unavailable.)
Access ComplexityMedium(The access conditions are somewhat specialized. Some preconditions must be satistified to exploit)
AuthenticationNot required(Authentication is not required to exploit the vulnerability.)
Gained AccessNone
Vulnerability Type(s)Execute Code
CWE ID20

- Additional Vendor Supplied Data

VendorImpactCVSS ScoreCVSS VectorReport DatePublish Date
RedhatmoderateAV:A/AC:H/Au:N/C:C/I:C/A:C2011-02-242011-04-05
If you are a vendor and you have additional data which can be automatically imported into our database, please contact admin @ cvedetails.com

- Related OVAL Definitions

TitleDefinition IdClassFamily
CVE-2011-0465 oval:org.opensuse.security:def:20110465 unix
DEPRECATED: ELSA-2011-0433 -- xorg-x11-server-utils security update (moderate) oval:org.mitre.oval:def:28013 unix
DSA-2213-1 x11-xserver-utils -- missing input sanitisation oval:org.mitre.oval:def:12949 unix
ELSA-2011:0433: xorg-x11-server-utils security update (Moderate) oval:org.mitre.oval:def:23703 unix
RHSA-2011:0432: xorg-x11 security update (Moderate) oval:com.redhat.rhsa:def:20110432 unix
RHSA-2011:0433: xorg-x11-server-utils security update (Moderate) oval:com.redhat.rhsa:def:20110433 unix
RHSA-2011:0433: xorg-x11-server-utils security update (Moderate) oval:org.mitre.oval:def:21165 unix
OVAL (Open Vulnerability and Assessment Language) definitions define exactly what should be done to verify a vulnerability or a missing patch. Check out the OVAL definitions if you want to learn what you should do to verify a vulnerability.

- Products Affected By CVE-2011-0465

#Product TypeVendorProductVersionUpdateEditionLanguage
1 Application Matthias HopfXrdb 1.0.2 Version DetailsVulnerabilities
2 Application Matthias HopfXrdb 1.0.3 Version DetailsVulnerabilities
3 Application Matthias HopfXrdb 1.0.4 Version DetailsVulnerabilities
4 Application Matthias HopfXrdb 1.0.5 Version DetailsVulnerabilities
5 Application Matthias HopfXrdb 1.0.6 Version DetailsVulnerabilities
6 Application Matthias HopfXrdb 1.0.7 Version DetailsVulnerabilities
7 Application Matthias HopfXrdb 1.0.8 Version DetailsVulnerabilities
8 Application XX11 R7.0 Version DetailsVulnerabilities
9 Application XX11 R6.1 Version DetailsVulnerabilities
10 Application XX11 R7.1 Version DetailsVulnerabilities
11 Application XX11 R7.2 Version DetailsVulnerabilities
12 Application XX11 R7.3 Version DetailsVulnerabilities
13 Application XX11 R6.3 Version DetailsVulnerabilities
14 Application XX11 R7.4 Version DetailsVulnerabilities
15 Application XX11 R6.4 Version DetailsVulnerabilities
16 Application XX11 R7.5 Version DetailsVulnerabilities
17 Application XX11 R6.5.1 Version DetailsVulnerabilities
18 Application XX11 R7.6 Version DetailsVulnerabilities
19 Application XX11 R6.6 Version DetailsVulnerabilities
20 Application XX11 R6.7 Version DetailsVulnerabilities
21 Application XX11 R6.7.0 Version DetailsVulnerabilities
22 Application XX11 R6.8.0 Version DetailsVulnerabilities
23 Application XX11 R6.8.1 Version DetailsVulnerabilities
24 Application XX11 R6.8.2 Version DetailsVulnerabilities
25 Application XX11 R6.9.0 Version DetailsVulnerabilities
26 Application XX11 R1 Version DetailsVulnerabilities
27 Application XX11 R2 Version DetailsVulnerabilities
28 Application XX11 R3 Version DetailsVulnerabilities
29 Application XX11 R4 Version DetailsVulnerabilities
30 Application XX11 R5 Version DetailsVulnerabilities
31 Application XX11 R6 Version DetailsVulnerabilities

- Number Of Affected Versions By Product

Vendor Product Vulnerable Versions
Matthias HopfXrdb 7
XX11 24

- References For CVE-2011-0465

https://bugzilla.redhat.com/show_bug.cgi?id=680196 CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/66585
XF xorg11-xrdb-command-execution(66585)
http://www.vupen.com/english/advisories/2011/0975
VUPEN ADV-2011-0975
http://www.vupen.com/english/advisories/2011/0966
VUPEN ADV-2011-0966
http://www.securityfocus.com/bid/47189
BID 47189 X.Org xrdb Remote Arbitrary Shell Command Injection Vulnerability Release Date:2014-12-19
http://www.securitytracker.com/id?1025317
SECTRACK 1025317
http://www.ubuntu.com/usn/USN-1107-1
UBUNTU USN-1107-1
http://www.vupen.com/english/advisories/2011/0880
VUPEN ADV-2011-0880
http://www.vupen.com/english/advisories/2011/0889
VUPEN ADV-2011-0889
http://www.vupen.com/english/advisories/2011/0906
VUPEN ADV-2011-0906
http://www.vupen.com/english/advisories/2011/0929
VUPEN ADV-2011-0929
http://www.redhat.com/support/errata/RHSA-2011-0433.html
REDHAT RHSA-2011:0433
http://www.redhat.com/support/errata/RHSA-2011-0432.html
REDHAT RHSA-2011:0432
http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.465748
SLACKWARE SSA:2011-096-01
http://lists.freedesktop.org/archives/xorg-announce/2011-April/001636.html
MLIST [xorg-announce] 20110405 X.Org security advisory: root hole via rogue hostname
http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00002.html
SUSE SUSE-SA:2011:016
http://www.mandriva.com/security/advisories?name=MDVSA-2011:076
MANDRIVA MDVSA-2011:076
http://www.debian.org/security/2011/dsa-2213
DEBIAN DSA-2213
http://cgit.freedesktop.org/xorg/app/xrdb/commit/?id=1027d5df07398c1507fb1fe3a9981aa6b4bc3a56 CONFIRM
http://lists.freedesktop.org/archives/xorg-announce/2011-April/001635.html
MLIST [xorg-announce] 20110405 xrdb 1.0.9
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057928.html
FEDORA FEDORA-2011-4871
https://lwn.net/Articles/437150/
SUSE openSUSE-SU-2011:0298

- Metasploit Modules Related To CVE-2011-0465

There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information)

Comments are closed.