Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2021-41160 PoC — FreeRDP 缓冲区错误漏洞

Source
https://github.com/Jajangjaman/CVE-2021-41160
Associated Vulnerability
Title:FreeRDP 缓冲区错误漏洞 (CVE-2021-41160)
Description:FreeRDP是FreeRDP团队的一款开源的远程桌面协议(RDP)的实现。 FreeRDP 2.4.1之前版本存在缓冲区错误漏洞,恶意服务器可能会在连接的客户端中触发越界写入。
Description
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. In affected versions a malicious server might trigger out of bound writes in a connected client. Connections using GDI or SurfaceCommands to send graphics updates to the client might send `0` width/height or out of CVE project by @Sn0wAlice
Readme
# CVE-2021-41160

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. In affected versions a malicious server might trigger out of bound writes in a connected client. Connections using GDI or SurfaceCommands to send graphics updates to the client might send `0` width/height or out of bound rectangles to trigger out of bound writes. With `0` width or heigth the memory allocation will be `0` but the missing bounds checks allow writing to the pointer at this (not allocated) region. This issue has been patched in FreeRDP 2.4.1.

| authentication | complexity | vector |
| --- | --- | --- |
| NONE | MEDIUM | NETWORK |

| confidentiality | integrity | availability |
| --- | --- | --- |
| PARTIAL | PARTIAL | PARTIAL |

## CVSS Score: **6.8**

## References

* https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-7c9r-6r2q-93qg

* https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWJXQOWKNR7O5HM2HFJOM4GBUFPTE3RG/

* https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXCR73EDVPLI6TRWRAWJCJ7OBYDKBB74/

* https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WIZUPVRGCWUDAPDOQVUGUIYUO7UWKMXX/

* https://security.gentoo.org/glsa/202210-24

## Brut File

* [CVE-2021-41160.json](./data_brut.json)



## About this repository
This repository is part of the project [Live Hack CVE](https://github.com/Live-Hack-CVE). Made by [Sn0wAlice](https://github.com/Sn0wAlice) for the people that care about security and need to have a feed of the latest CVEs. Hope you enjoy it, don't forget to star the repo and follow me on [Twitter](https://twitter.com/Sn0wAlice) and [Github](https://github.com/Sn0wAlice)
File Snapshot

 [4.0K]  /data/pocs/c3e7ad08d14f481e39b3fe7015d61783ba6e6aab
├── [5.7K]  data_brut.json
└── [1.7K]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.