FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an invalid offset validation leading to Out Of Bound Write. This can be triggered when the values `rect->left` and `rect->top` are exactly equal to `surface->width` and `surface->height`. eg. `rect->left` == `surface->width` && `rect->top` == `surface->height`. In practice this should cause a crash. This issue has been addressed in versions 2.11.0 and 3.0.0-beta3. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2023-08-31T20:46:31.858Z
Updated: 2024-08-02T18:10:20.242Z
Reserved: 2023-07-28T13:26:46.478Z
Link: CVE-2023-39352
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-08-31T21:15:07.873
Modified: 2024-11-21T08:15:13.080
Link: CVE-2023-39352
Redhat