Π›ΠΎΠ³ΠΎΡ‚ΠΈΠΏ exploitDog
Консоль
Π›ΠΎΠ³ΠΎΡ‚ΠΈΠΏ exploitDog

exploitDog

ubuntu Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2023-39354

ΠžΠΏΡƒΠ±Π»ΠΈΠΊΠΎΠ²Π°Π½ΠΎ: 31 Π°Π²Π³. 2023
Π˜ΡΡ‚ΠΎΡ‡Π½ΠΈΠΊ: ubuntu
ΠŸΡ€ΠΈΠΎΡ€ΠΈΡ‚Π΅Ρ‚: medium
EPSS Низкий
CVSS3: 5.9

ОписаниС

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an Out-Of-Bounds Read in the nsc_rle_decompress_data function. The Out-Of-Bounds Read occurs because it processes context->Planes without checking if it contains data of sufficient length. Should an attacker be able to leverage this vulnerability they may be able to cause a crash. This issue has been addressed in versions 2.11.0 and 3.0.0-beta3. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Π Π΅Π»ΠΈΠ·Π‘Ρ‚Π°Ρ‚ΡƒΡΠŸΡ€ΠΈΠΌΠ΅Ρ‡Π°Π½ΠΈΠ΅
bionic

ignored

end of standard support
devel

released

2.10.0+dfsg1-1.1ubuntu1
esm-infra/bionic

released

2.2.0+dfsg1-0ubuntu0.18.04.4+esm1
esm-infra/focal

released

2.2.0+dfsg1-0ubuntu0.20.04.5
focal

released

2.2.0+dfsg1-0ubuntu0.20.04.5
jammy

released

2.6.1+dfsg1-3ubuntu2.4
lunar

released

2.10.0+dfsg1-1ubuntu0.2
mantic

released

2.10.0+dfsg1-1.1ubuntu1
trusty

ignored

end of standard support
upstream

released

2.11.0

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Бсылки Π½Π° источники

EPSS

ΠŸΡ€ΠΎΡ†Π΅Π½Ρ‚ΠΈΠ»ΡŒ: 44%
0.00211
Низкий

5.9 Medium

CVSS3

БвязанныС уязвимости

redhat Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2023-39354

CVSS3: 7.5
redhat
ΠΎΠΊΠΎΠ»ΠΎ 2 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an Out-Of-Bounds Read in the `nsc_rle_decompress_data` function. The Out-Of-Bounds Read occurs because it processes `context->Planes` without checking if it contains data of sufficient length. Should an attacker be able to leverage this vulnerability they may be able to cause a crash. This issue has been addressed in versions 2.11.0 and 3.0.0-beta3. Users are advised to upgrade. There are no known workarounds for this vulnerability.

nvd Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2023-39354

CVSS3: 5.9
nvd
ΠΎΠΊΠΎΠ»ΠΎ 2 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an Out-Of-Bounds Read in the `nsc_rle_decompress_data` function. The Out-Of-Bounds Read occurs because it processes `context->Planes` without checking if it contains data of sufficient length. Should an attacker be able to leverage this vulnerability they may be able to cause a crash. This issue has been addressed in versions 2.11.0 and 3.0.0-beta3. Users are advised to upgrade. There are no known workarounds for this vulnerability.

debian Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2023-39354

CVSS3: 5.9
debian
ΠΎΠΊΠΎΠ»ΠΎ 2 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), ...

fstec Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

BDU:2023-05078

CVSS3: 5.9
fstec
ΠΎΠΊΠΎΠ»ΠΎ 2 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

Π£ΡΠ·Π²ΠΈΠΌΠΎΡΡ‚ΡŒ Ρ„ΡƒΠ½ΠΊΡ†ΠΈΠΈ nsc_rle_decompress_data() RDP-ΠΊΠ»ΠΈΠ΅Π½Ρ‚Π° FreeRDP, ΠΏΠΎΠ·Π²ΠΎΠ»ΡΡŽΡ‰Π°Ρ Π½Π°Ρ€ΡƒΡˆΠΈΡ‚Π΅Π»ΡŽ Π²Ρ‹Π·Π²Π°Ρ‚ΡŒ ΠΎΡ‚ΠΊΠ°Π· Π² обслуТивании

oracle-oval Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

ELSA-2024-2208

oracle-oval
большС 1 года назад

ELSA-2024-2208: freerdp security update (MODERATE)

EPSS

ΠŸΡ€ΠΎΡ†Π΅Π½Ρ‚ΠΈΠ»ΡŒ: 44%
0.00211
Низкий

5.9 Medium

CVSS3

Π£ΡΠ·Π²ΠΈΠΌΠΎΡΡ‚ΡŒ CVE-2023-39354