漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
FreeRDP has heap-buffer-overflow in clear_decompress_residual_data
Vulnerability Description
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurs in the RDPGFX ClearCodec decode path when maliciously crafted residual data causes out-of-bounds writes during color output. A malicious server can trigger a client‑side heap buffer overflow, causing a crash (DoS) and potential heap corruption with code‑execution risk depending on allocator behavior and surrounding heap layout. Version 3.21.0 contains a patch for the issue.
CVSS Information
N/A
Vulnerability Type
堆缓冲区溢出
Vulnerability Title
FreeRDP 安全漏洞
Vulnerability Description
FreeRDP是FreeRDP团队的一款开源的远程桌面协议(RDP)的实现。 FreeRDP 3.21.0之前版本存在安全漏洞,该漏洞源于RDPGFX ClearCodec解码路径中特制的残留数据可能导致颜色输出时越界写入,进而引发堆缓冲区溢出,造成崩溃或任意代码执行。
CVSS Information
N/A
Vulnerability Type
N/A