CVE-2023-39352

2023-09-05 15:14:22
redhat.com
access.redhat.com
freerdp
vulnerability
out-of-bounds
write
crash

CVSS3: 9.8

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score: 9.2
Confidence: High

EPSS: 0.003
Percentile: 70.3%

A flaw was found in FreeRDP. An out-of-bounds write may occur when the values of rect->left and rect->top are exactly equal to surface->width and surface->height, i.e. rect->left == surface->width && rect->top == surface->height. This issue can result in a crash.
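The boundary condition described above, as an added example that is not FreeRDP's code: a rectangle check that rejects an origin equal to the surface dimensions, plus the arithmetic showing why that origin falls outside the pixel buffer. The type names, function names, the tightly packed width * height buffer and the exclusive right/bottom edges are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Hypothetical types for illustration; not FreeRDP's definitions. */
typedef struct { uint16_t left, top, right, bottom; } rect16;
typedef struct { uint32_t width, height; } surface_dim;

/* Index of the first pixel an operation starting at (left, top) would
 * touch, assuming a tightly packed buffer of width * height pixels. */
size_t first_pixel_index(const rect16 *r, const surface_dim *s)
{
    return (size_t)r->top * s->width + r->left;
}

/* Accept only non-empty rectangles that lie fully inside the surface. */
bool rect_within_surface(const rect16 *r, const surface_dim *s)
{
    if (!r || !s || s->width == 0 || s->height == 0)
        return false;

    /* Valid coordinates run 0..width-1 and 0..height-1, so an origin
     * with left == width or top == height is already out of bounds. */
    if (r->left >= s->width || r->top >= s->height)
        return false;

    /* right/bottom are treated as exclusive edges (assumption):
     * they may equal width/height but must lie past the origin. */
    if (r->right <= r->left || r->bottom <= r->top)
        return false;
    if (r->right > s->width || r->bottom > s->height)
        return false;

    return true;
}
```
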
