TightVNC code version 1.3.10 contains null pointer dereference in HandleZlibBPP function, which results Denial of System . This attack appear to be exploitable via network connectivity.