Showing 1 - 3 of 3

CVE-2023-39350

Status Candidate

Overview

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. This issue affects Clients only. Integer underflow leading to DOS (e.g. abort due to `WINPR_ASSERT` with default compilation flags). When an insufficient blockLen is provided, and proper length validation is not performed, an Integer Underflow occurs, leading to a Denial of Service (DOS) vulnerability. This issue has been addressed in versions 2.11.0 and 3.0.0-beta3. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Related Files

Red Hat Security Advisory 2024-2208-03: Posted Apr 30, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-2208-03 - An update for freerdp is now available for Red Hat Enterprise Linux 9. Issues addressed include buffer overflow, integer overflow, null pointer, out of bounds read, and out of bounds write vulnerabilities.; tags | advisory, overflow, vulnerability; systems | linux, redhat; advisories | CVE-2023-39350; SHA-256 | d35c2dacb4ba39a2b04932e45ff213c2efa3efc4d0a7615936eacb552ec25e83; Download | Favorite | View

Gentoo Linux Security Advisory 202401-16: Posted Jan 12, 2024; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 202401-16 - Multiple vulnerabilities have been discovered in FreeRDP, the worst of which could result in code execution. Versions greater than or equal to 2.11.0 are affected.; tags | advisory, vulnerability, code execution; systems | linux, gentoo; advisories | CVE-2022-39316, CVE-2022-39317, CVE-2022-39318, CVE-2022-39319, CVE-2022-39320, CVE-2022-39347, CVE-2022-41877, CVE-2023-39350, CVE-2023-39351, CVE-2023-39352, CVE-2023-39353, CVE-2023-39354, CVE-2023-39355, CVE-2023-39356; SHA-256 | 3bd4fd57a2cfebab9086b429320a0d45d42381e7f1c261ec6b3e4d1e201e84a9; Download | Favorite | View

Ubuntu Security Notice USN-6401-1: Posted Oct 4, 2023; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6401-1 - It was discovered that FreeRDP did not properly manage certain inputs. A malicious server could use this issue to cause FreeRDP clients to crash, resulting in a denial of service, or possibly obtain sensitive information. It was discovered that FreeRDP did not properly manage certain inputs. A malicious server could use this issue to cause FreeRDP clients to crash, resulting in a denial of service, or possibly execute arbitrary code.; tags | advisory, denial of service, arbitrary; systems | linux, ubuntu; advisories | CVE-2023-39350, CVE-2023-39354, CVE-2023-40181, CVE-2023-40569; SHA-256 | 9d49b67d80a9d8ac4cbe0f390e587665488a0a6f20bf9d963b6668b08fc9fc73; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 235 files
Ubuntu 50 files
Debian 19 files
LiquidWorm 15 files
Apple 9 files
Gentoo 5 files
Google Security Research 3 files
Alter Prime 3 files
Pierre Kim 2 files
Jann Horn 2 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,163)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,945)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,337)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,987)
UNIX (9,475)
UnixWare (188)
Windows (6,784)
Other

CVE-2023-39350

Overview

Related Files

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems