19 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-30576
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache Guacamole 0.9.10 through 1.5.1 may continue to reference a freed RDP audio input buffer. Depending on timing, this may allow an attacker to execute...
CVE-2023-30576
Apache Guacamole 0.9.10 through 1.5.1 may continue to reference a freed RDP audio input buffer. Depending on timing, this may allow an attacker to execute arbitrary code with the privileges of the guacd process...
BIT-GUACAMOLE-2020-9497
Apache Guacamole 1.1.0 and older do not properly validate datareceived from RDP servers via static virtual channels. If a userconnects to a malicious or compromised RDP server, specially-craftedPDUs could result in disclosure of information within the memory ofthe guacd process handling the...
BIT-GUACAMOLE-2023-30576
Apache Guacamole 0.9.10 through 1.5.1 may continue to reference a freed RDP audio input buffer. Depending on timing, this may allow an attacker to execute arbitrary code with the privileges of the guacd process...
BIT-GUACAMOLE-SERVER-2023-30576
Apache Guacamole 0.9.10 through 1.5.1 may continue to reference a freed RDP audio input buffer. Depending on timing, this may allow an attacker to execute arbitrary code with the privileges of the guacd process...
BIT-GUACAMOLE-SERVER-2023-43826
Apache Guacamole 1.5.3 and older do not consistently ensure that values received from a VNC server will not result in integer overflow. If a user connects to a malicious or compromised VNC server, specially-crafted data could result in memory corruption, possibly allowing arbitrary code to be...
BIT-GUACAMOLE-2023-43826
Apache Guacamole 1.5.3 and older do not consistently ensure that values received from a VNC server will not result in integer overflow. If a user connects to a malicious or compromised VNC server, specially-crafted data could result in memory corruption, possibly allowing arbitrary code to be...
Apache Guacamole Integer Overflow Vulnerability
Apache Guacamole is a clientless remote desktop gateway from the Apache USA Foundation. The product supports protocols such as VNC, RDP and SSH. An integer overflow vulnerability exists in Apache Guacamole 1.5.3 and earlier versions, which can be exploited by an attacker to execute arbitrary code...
CVE-2023-43826
Apache Guacamole 1.5.3 and older do not consistently ensure that values received from a VNC server will not result in integer overflow. If a user connects to a malicious or compromised VNC server, specially-crafted data could result in memory corruption, possibly allowing arbitrary code to be...
Integer overflow
Apache Guacamole 1.5.3 and older do not consistently ensure that values received from a VNC server will not result in integer overflow. If a user connects to a malicious or compromised VNC server, specially-crafted data could result in memory corruption, possibly allowing arbitrary code to be...
CVE-2023-43826
Apache Guacamole 1.5.3 and older do not consistently ensure that values received from a VNC server will not result in integer overflow. If a user connects to a malicious or compromised VNC server, specially-crafted data could result in memory corruption, possibly allowing arbitrary code to be...
PT-2023-29003 · Apache +1 · Apache Guacamole +1
Name of the Vulnerable Software and Affected Versions: Apache Guacamole versions 1.5.3 and older Description: The issue arises from inconsistent handling of values received from a VNC server, which can lead to integer overflow. If a user connects to a malicious or compromised VNC server,...
CVE-2023-30576
Apache Guacamole 0.9.10 through 1.5.1 may continue to reference a freed RDP audio input buffer. Depending on timing, this may allow an attacker to execute arbitrary code with the privileges of the guacd process...
CVE-2023-30576
Apache Guacamole 0.9.10 through 1.5.1 may continue to reference a freed RDP audio input buffer. Depending on timing, this may allow an attacker to execute arbitrary code with the privileges of the guacd process...
CVE-2023-30576 Apache Guacamole: Use-after-free in handling of RDP audio input buffer
Apache Guacamole 0.9.10 through 1.5.1 may continue to reference a freed RDP audio input buffer. Depending on timing, this may allow an attacker to execute arbitrary code with the privileges of the guacd process...
DEBIAN-CVE-2020-9497
Apache Guacamole 1.1.0 and older do not properly validate datareceived from RDP servers via static virtual channels. If a userconnects to a malicious or compromised RDP server, specially-craftedPDUs could result in disclosure of information within the memory ofthe guacd process handling the...
Memory corruption
Apache Guacamole 1.1.0 and older may mishandle pointers involved inprocessing data received via RDP static virtual channels. If a userconnects to a malicious or compromised RDP server, a series ofspecially-crafted PDUs could result in memory corruption, possiblyallowing arbitrary code to be...
CVE-2020-9498
Apache Guacamole 1.1.0 and older may mishandle pointers involved inprocessing data received via RDP static virtual channels. If a userconnects to a malicious or compromised RDP server, a series ofspecially-crafted PDUs could result in memory corruption, possiblyallowing arbitrary code to be...
PT-2020-20701 · Apache · Apache Guacamole
Name of the Vulnerable Software and Affected Versions: Apache Guacamole versions 1.1.0 and older Description: The issue arises from improper validation of data received from RDP servers via static virtual channels. If a user connects to a malicious or compromised RDP server, specially-crafted PDU...