FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients prior to version 3.5.1 are vulnerable to out-of-bounds read. This occurs when `WCHAR` string is read with twice the size it has and converted to `UTF-8`, `base64` decoded. The string is only used to compare against the redirection server certificate. Version 3.5.1 contains a patch for the issue. No known workarounds are available.
History

Wed, 13 Nov 2024 02:45:00 +0000

Type Values Removed Values Added
First Time appeared Redhat
Redhat enterprise Linux
CPEs cpe:/a:redhat:enterprise_linux:9
Vendors & Products Redhat
Redhat enterprise Linux

cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2024-04-23T20:17:30.949Z

Updated: 2024-08-02T02:13:40.282Z

Reserved: 2024-04-16T14:15:26.878Z

Link: CVE-2024-32662

cve-icon Vulnrichment

Updated: 2024-05-09T18:28:59.173Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-04-23T21:15:48.200

Modified: 2024-11-21T09:15:25.340

Link: CVE-2024-32662

cve-icon Redhat

Severity : Moderate

Publid Date: 2024-04-23T00:00:00Z

Links: CVE-2024-32662 - Bugzilla