exploitDog

CVE-2023-40567

Published: 31 Aug 2023
Source: ubuntu
Priority: medium
EPSS: Low
CVSS3: 6.5

Description

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an Out-Of-Bounds Write in the clear_decompress_bands_data function in which there is no offset validation. Abuse of this vulnerability may lead to an out of bounds write. This issue has been addressed in versions 2.11.0 and 3.0.0-beta3. Users are advised to upgrade. There are no known workarounds for this vulnerability.

| Release | Status | Note |
|---|---|---|
| bionic | ignored | end of standard support |
| devel | released | 2.10.0+dfsg1-1.1ubuntu1 |
| esm-infra/bionic | released | 2.2.0+dfsg1-0ubuntu0.18.04.4+esm1 |
| esm-infra/focal | released | 2.2.0+dfsg1-0ubuntu0.20.04.5 |
| focal | released | 2.2.0+dfsg1-0ubuntu0.20.04.5 |
| jammy | released | 2.6.1+dfsg1-3ubuntu2.4 |
| lunar | released | 2.10.0+dfsg1-1ubuntu0.2 |
| mantic | released | 2.10.0+dfsg1-1.1ubuntu1 |
| trusty | ignored | end of standard support |
| upstream | released | 2.11.0 |

EPSS: 0.00245 (percentile: 48%, Low)

CVSS3: 6.5 Medium

Related vulnerabilities

CVSS3: 7.5
redhat
about 2 years ago

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an Out-Of-Bounds Write in the `clear_decompress_bands_data` function in which there is no offset validation. Abuse of this vulnerability may lead to an out of bounds write. This issue has been addressed in versions 2.11.0 and 3.0.0-beta3. Users are advised to upgrade. There are no known workarounds for this vulnerability.

CVSS3: 6.5
nvd
about 2 years ago

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an Out-Of-Bounds Write in the `clear_decompress_bands_data` function in which there is no offset validation. Abuse of this vulnerability may lead to an out of bounds write. This issue has been addressed in versions 2.11.0 and 3.0.0-beta3. Users are advised to upgrade. There are no known workarounds for this vulnerability.

CVSS3: 6.5
debian
about 2 years ago

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), ...

CVSS3: 6.5
fstec
about 2 years ago

Vulnerability in the clear_decompress_bands_data() function of the FreeRDP RDP client that allows an attacker to cause a denial of service

oracle-oval
more than 1 year ago

ELSA-2024-2208: freerdp security update (MODERATE)
