关联漏洞
标题:Microsoft Remote Desktop Protocol Client 信息泄露漏洞 (CVE-2019-1108)Description:Microsoft Windows和Microsoft Windows Server都是美国微软(Microsoft)公司的产品。Microsoft Windows是一套个人设备使用的操作系统。Microsoft Windows Server是一套服务器操作系统。Remote Desktop Protocol Client是其中的一个远程桌面协议客户端。 Microsoft Remote Desktop Protocol Client中存在信息泄露漏洞。攻击者可通过登录到受影响的系统上并运行特制的应用程序
介绍
# CVE-2019-1108 Exploitation
```
CVE-2019-1108
Remote Desktop Protocol Client Information Disclosure Vulnerability
Published: 07/09/2019 | Last Updated : 11/19/2019
MITRE CVE-2019-1108
An information disclosure vulnerability exists when the Windows RDP client improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.
To exploit this vulnerability, an attacker would have to connect remotely to an affected system and run a specially crafted application.
The security update addresses the vulnerability by correcting how the Windows RDP client initializes memory.
```
文件快照
[4.0K] /data/pocs/b2483f6c4514c927cf80b877ca8382b2ccfcde63
├── [7.9K] cve-2019-1108.cc
├── [117K] leak.png
└── [ 710] README.md
0 directories, 3 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮件到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对 POC 代码进行快照,为了长期维护,请考虑为本地 POC 付费/捐赠,感谢您的支持。