Описание
NoMachine Enterprise Client is affected by Integer Overflow. IOCTL Handler 0x22001B in the NoMachine Enterprise Client above 4.0.346 and below 7.7.4 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
Ссылки
- ExploitTechnical DescriptionThird Party Advisory
- ExploitTechnical DescriptionThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 4.0.346 (исключая) до 7.7.4 (исключая)
cpe:2.3:a:nomachine:enterprise_client:*:*:*:*:*:*:*:*
EPSS
Процентиль: 37%
0.00159
Низкий
8.8 High
CVSS3
7.2 High
CVSS2
Дефекты
CWE-190
Связанные уязвимости
github
около 4 лет назад
NoMachine Enterprise Client is affected by Integer Overflow. IOCTL Handler 0x22001B in the NoMachine Enterprise Client above 4.0.346 and below 7.7.4 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
EPSS
Процентиль: 37%
0.00159
Низкий
8.8 High
CVSS3
7.2 High
CVSS2
Дефекты
CWE-190