Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:43169
HistorySep 06, 2023 - 7:47 a.m.

Denial Of Service (DoS)

2023-09-0607:47:25
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
libfreerdp.so
vulnerability
rfx.c
denial of service
stack overflow
attacker
application crash
arbitrary code
software

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

40.9%

libfreerdp.so is vulnerable to Denial Of Service (DoS). The vulnerability exists in the rfx.c due to a stack overflow error which allows an attacker to cause an application crash, or potentially execute arbitrary code.

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

40.9%