This vncviewer.exe fixes a vulnerability found in the vncviewer
(VncViewer 1.0.2 and latest 1.0.4 RC have the same vulnerability)

This new UltravNC vncviewer is compatible with both v1.0.2 and latest v1.0.4 RC versions
Of course, it will be included in the next UltravNC 1.0.4 release


- The vulnerability is only for the vncviewer
It could allow a perpetrator to take the control of a machine running the vncviewer in LISTENING mode
It could allow a pretending-UltraVNC-server-hostile-machine to take the control of a machine trying to connect to this hostile server using the vncviewer.

The UltraVNC server does NOT have this vulnerability


- This vulnerability could be exploited when a DSM Plugin is used only if the perpetrator has the encryption key file used by the vncviewer.


=> It is recommended:

- To upgrade your vncviewer.exe, for ALL versions.
- Or to avoid to use the vncviewer in listening mode
- Or to always connect on trusted UltraVNC servers
- Or to always use a DSM plugin

Fixed version available via the Download link on home page
http://www.uvnc.com

SVN source code has also been updated