Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:B868DCDE3068912E1FCE6F3D94B1FC46
HistoryMar 14, 2011 - 12:00 a.m.

Microsoft Remote Desktop Connection Insecure Library Injection

2011-03-1400:00:00
SAINT Corporation
www.saintcorporation.com
13

0.958 High

EPSS

Percentile

99.5%

JSON

Added: 03/14/2011
CVE: CVE-2011-0029
BID: 46678
OSVDB: 71014

Background

The Windows Remote Desktop allows desktop access to one Windows computer from another Windows computer.

Problem

A library loading vulnerability in the Remote Desktop Client allows arbitrary command execution when a user opens a Remote Desktop (.rdp) configuration file located in the same network directory as a specially crafted DLL file.

Resolution

Apply the update referenced in Microsoft Security Bulletin 11-017.

References

<http://www.microsoft.com/technet/security/Bulletin/MS11-017.mspx&gt;

Limitations

An SMB share which is readable by the target computer, and a user name and password with write access to that share, must be specified.

The target user must open the RDP file located on the specified share.

Platforms

Windows

Related

checkpoint_advisories 2
saint 3
cve 1
prion 1
mskb 1
nvd 1
openvas 2
nessus 1
cvelist 1
securityvulns 1
checkpoint_advisories
checkpoint_advisories
Microsoft Remote Desktop Client Insecure Library Loading (MS11-017; CVE-2011-0029)
2011-03-08 00:00:00
Multiple Products .DLL Insecure Library Loading (CVE-2011-0029; CVE-2011-1980)
2011-09-13 00:00:00
saint
saint
Microsoft Remote Desktop Connection Insecure Library Injection
2011-03-14 00:00:00
Microsoft Remote Desktop Connection Insecure Library Injection
2011-03-14 00:00:00
Microsoft Remote Desktop Connection Insecure Library Injection
2011-03-14 00:00:00
cve
cve
CVE-2011-0029
2011-03-09 23:00:01
prion
prion
Design/Logic Flaw
2011-03-09 23:00:00
mskb
mskb
MS11-017: Vulnerability in Remote Desktop client could allow remote code execution: March 8, 2011
2011-03-08 00:00:00
nvd
nvd
CVE-2011-0029
2011-03-09 23:00:01
openvas
openvas
Microsoft Remote Desktop Client Remote Code Execution Vulnerability (2508062)
2011-03-09 00:00:00
Microsoft Remote Desktop Client Remote Code Execution Vulnerability (2508062)
2011-03-09 00:00:00
nessus
nessus
MS11-017: Vulnerabilities in Remote Desktop Connection Could Allow Remote Code Execution (2508062)
2011-03-08 00:00:00
cvelist
cvelist
CVE-2011-0029
2011-03-09 22:00:00
securityvulns
securityvulns
Microsoft Windows multiple security vulnerabilities
2011-03-09 00:00:00

0.958 High

EPSS

Percentile

99.5%

JSON
Related for SAINT:B868DCDE3068912E1FCE6F3D94B1FC46
checkpoint_advisories2saint3cve1prion1mskb1nvd1openvas2nessus1cvelist1securityvulns1