Описание
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an Out-Of-Bounds Write in the progressive_decompress function. This issue is likely down to incorrect calculations of the nXSrc and nYSrc variables. This issue has been addressed in versions 2.11.0 and 3.0.0-beta3. Users are advised to upgrade. there are no known workarounds for this vulnerability.
Ссылки
- Issue Tracking
- ExploitVendor Advisory
- Mailing ListThird Party Advisory
- Mailing List
- Mailing List
- Mailing List
- Issue Tracking
- ExploitVendor Advisory
- Mailing ListThird Party Advisory
- Mailing List
- Mailing List
- Mailing List
Уязвимые конфигурации
Одно из
Одно из
EPSS
6.5 Medium
CVSS3
9.8 Critical
CVSS3
Дефекты
Связанные уязвимости
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an Out-Of-Bounds Write in the `progressive_decompress` function. This issue is likely down to incorrect calculations of the `nXSrc` and `nYSrc` variables. This issue has been addressed in versions 2.11.0 and 3.0.0-beta3. Users are advised to upgrade. there are no known workarounds for this vulnerability.
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an Out-Of-Bounds Write in the `progressive_decompress` function. This issue is likely down to incorrect calculations of the `nXSrc` and `nYSrc` variables. This issue has been addressed in versions 2.11.0 and 3.0.0-beta3. Users are advised to upgrade. there are no known workarounds for this vulnerability.
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), ...
Уязвимость функции progressive_decompress() RDP-клиента FreeRDP, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
6.5 Medium
CVSS3
9.8 Critical
CVSS3