Lucene search

K
cvelistGitHub_MCVELIST:CVE-2023-40181
HistoryAug 31, 2023 - 9:06 p.m.

CVE-2023-40181 Integer-Underflow leading to Out-Of-Bound Read in FreeRDP

2023-08-3121:06:14
CWE-191
CWE-125
GitHub_M
www.cve.org
1
freerdp
integer-underflow
out-of-bound
read
cve-2023-40181
remote desktop protocol
apache license
zgfx_decompress_segment
copymemory
upgrade

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

AI Score

9.5

Confidence

High

EPSS

0.001

Percentile

38.3%

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an Integer-Underflow leading to Out-Of-Bound Read in the zgfx_decompress_segment function. In the context of CopyMemory, it’s possible to read data beyond the transmitted packet range and likely cause a crash. This issue has been addressed in versions 2.11.0 and 3.0.0-beta3. Users are advised to upgrade. There are no known workarounds for this issue.

CNA Affected

[
  {
    "vendor": "FreeRDP",
    "product": "FreeRDP",
    "versions": [
      {
        "version": "< 2.11.0",
        "status": "affected"
      },
      {
        "version": ">= 3.0.0-beta1, < 3.0.0-beta3",
        "status": "affected"
      }
    ]
  }
]

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

AI Score

9.5

Confidence

High

EPSS

0.001

Percentile

38.3%