4 matches found
freerdp: missing path sanitation with `drive` channel
A directory traversal issue was discovered in FreeRDP. The vulnerability exists due to missing path canonicalization and base path check for the drive channel. A malicious server can trick a FreeRDP based client to read files outside of the shared directory. This issue allows an attacker to gain...
Information Disclosure
freerdp is vulnerable to information disclosure. The vulnerability exists due to missing path canonicalization and base path check for drive channel which allows an attacker to gain access and read files outside the shared directory...
UBUNTU-CVE-2022-39347
FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing path canonicalization and base path check for drive channel. A malicious server can trick a FreeRDP based client to read files outside the shared directory. This issue has been addressed in...
CVE-2022-39347
FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing path canonicalization and base path check for drive channel. A malicious server can trick a FreeRDP based client to read files outside the shared directory. This issue has been addressed in...