Количество 8
Количество 8
CVE-2023-39356
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. In affected versions a missing offset validation may lead to an Out Of Bound Read in the function `gdi_multi_opaque_rect`. In particular there is no code to validate if the value `multi_opaque_rect->numRectangles` is less than 45. Looping through `multi_opaque_rect->`numRectangles without proper boundary checks can lead to Out-of-Bounds Read errors which will likely lead to a crash. This issue has been addressed in versions 2.11.0 and 3.0.0-beta3. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVE-2023-39356
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. In affected versions a missing offset validation may lead to an Out Of Bound Read in the function `gdi_multi_opaque_rect`. In particular there is no code to validate if the value `multi_opaque_rect->numRectangles` is less than 45. Looping through `multi_opaque_rect->`numRectangles without proper boundary checks can lead to Out-of-Bounds Read errors which will likely lead to a crash. This issue has been addressed in versions 2.11.0 and 3.0.0-beta3. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVE-2023-39356
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. In affected versions a missing offset validation may lead to an Out Of Bound Read in the function `gdi_multi_opaque_rect`. In particular there is no code to validate if the value `multi_opaque_rect->numRectangles` is less than 45. Looping through `multi_opaque_rect->`numRectangles without proper boundary checks can lead to Out-of-Bounds Read errors which will likely lead to a crash. This issue has been addressed in versions 2.11.0 and 3.0.0-beta3. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVE-2023-39356
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), ...
BDU:2023-05083
Уязвимость функции gdi_multi_opaque_rect() RDP-клиента FreeRDP, позволяющая нарушителю вызвать отказ в обслуживании
ELSA-2024-2208
ELSA-2024-2208: freerdp security update (MODERATE)
SUSE-SU-2023:4893-1
Security update for freerdp
SUSE-SU-2023:4611-1
Security update for freerdp
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-39356 FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. In affected versions a missing offset validation may lead to an Out Of Bound Read in the function `gdi_multi_opaque_rect`. In particular there is no code to validate if the value `multi_opaque_rect->numRectangles` is less than 45. Looping through `multi_opaque_rect->`numRectangles without proper boundary checks can lead to Out-of-Bounds Read errors which will likely lead to a crash. This issue has been addressed in versions 2.11.0 and 3.0.0-beta3. Users are advised to upgrade. There are no known workarounds for this vulnerability. | CVSS3: 5.3 | 0% Низкий | почти 2 года назад |
 | CVE-2023-39356 FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. In affected versions a missing offset validation may lead to an Out Of Bound Read in the function `gdi_multi_opaque_rect`. In particular there is no code to validate if the value `multi_opaque_rect->numRectangles` is less than 45. Looping through `multi_opaque_rect->`numRectangles without proper boundary checks can lead to Out-of-Bounds Read errors which will likely lead to a crash. This issue has been addressed in versions 2.11.0 and 3.0.0-beta3. Users are advised to upgrade. There are no known workarounds for this vulnerability. | CVSS3: 7.5 | 0% Низкий | почти 2 года назад |
 | CVE-2023-39356 FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. In affected versions a missing offset validation may lead to an Out Of Bound Read in the function `gdi_multi_opaque_rect`. In particular there is no code to validate if the value `multi_opaque_rect->numRectangles` is less than 45. Looping through `multi_opaque_rect->`numRectangles without proper boundary checks can lead to Out-of-Bounds Read errors which will likely lead to a crash. This issue has been addressed in versions 2.11.0 and 3.0.0-beta3. Users are advised to upgrade. There are no known workarounds for this vulnerability. | CVSS3: 5.3 | 0% Низкий | почти 2 года назад |
| CVE-2023-39356 FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), ... | CVSS3: 5.3 | 0% Низкий | почти 2 года назад |
 | BDU:2023-05083 Уязвимость функции gdi_multi_opaque_rect() RDP-клиента FreeRDP, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 5.3 | 0% Низкий | около 2 лет назад |
| ELSA-2024-2208 ELSA-2024-2208: freerdp security update (MODERATE) | больше 1 года назад | ||
 | SUSE-SU-2023:4893-1 Security update for freerdp | больше 1 года назад | ||
| SUSE-SU-2023:4611-1 Security update for freerdp | больше 1 года назад |
Уязвимостей на страницу