Описание
FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based based clients using /bpp:32 legacy GDI drawing path with a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, use modern drawing paths (e.g. /rfx or /gfx options). The workaround requires server side support.
Ссылки
- Issue Tracking
- Release Notes
- Release Notes
- MitigationVendor Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Issue Tracking
- Release Notes
- Release Notes
- MitigationVendor Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Одно из
Одно из
EPSS
8.1 High
CVSS3
9.8 Critical
CVSS3
Дефекты
Связанные уязвимости
FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based based clients using `/bpp:32` legacy `GDI` drawing path with a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, use modern drawing paths (e.g. `/rfx` or `/gfx` options). The workaround requires server side support.
FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based based clients using `/bpp:32` legacy `GDI` drawing path with a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, use modern drawing paths (e.g. `/rfx` or `/gfx` options). The workaround requires server side support.
FreeRDP is a free implementation of the Remote Desktop Protocol. FreeR ...
Уязвимость функции interleaved_decompress() RDP-клиента FreeRDP, позволяющая нарушителю раскрыть защищаемую информацию
EPSS
8.1 High
CVSS3
9.8 Critical
CVSS3