Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:43211
HistorySep 11, 2023 - 10:00 a.m.

Denial Of Service (DoS)

2023-09-1110:00:51
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
10
libfreerdp.so
vulnerability
nsc_rle_decode
nsc_rle_decompress_data
dos
application crash

9.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

0.001 Low

EPSS

Percentile

34.0%

libfreerdp.so is vulnerable to Denial Of Service (DoS). The vulnerability is due to a defect in the nsc_rle_decode and nsc_rle_decompress_data functions in the libfreerdp/codec/nsc.c file. This can lead to application crash resulting in Denial of Service (DoS)

CPENameOperatorVersion
libfreerdp.soeq1.2.0
libfreerdp.soeq1.2.0

9.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

0.001 Low

EPSS

Percentile

34.0%