FreeRDP Out-Of-Bounds Read in ncrush_decompress

FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients and servers that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. No known workarounds are available.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

跨界内存读

FreeRDP 安全漏洞

FreeRDP是FreeRDP团队的一款开源的远程桌面协议（RDP）的实现。 FreeRDP 3.5.0 版本之前存在安全漏洞，该漏洞源于基于 FreeRDP 的客户端和服务器容易受到越界读取的影响。

N/A

N/A