Lucene search

K
cnvdChina National Vulnerability DatabaseCNVD-2023-72250
HistorySep 05, 2023 - 12:00 a.m.

FreeRDP Buffer Overflow Vulnerability (CNVD-2023-72250)

2023-09-0500:00:00
China National Vulnerability Database
www.cnvd.org.cn
9
freerdp
buffer overflow
vulnerability
ncrush_decompress
remote attacker
arbitrary code
denial of service
cnvd-2023-72250

EPSS

0.001

Percentile

34.1%

FreeRDP is an open source implementation of the Remote Desktop Protocol (RDP) from the FreeRDP team. FreeRDP suffers from a buffer overflow vulnerability that originates from a boundary error in the ncrush_decompress function when handling untrusted input. A remote attacker could exploit the vulnerability to execute arbitrary code on the system or cause a denial of service attack.