Executive Summary

Informations
Name CVE-2024-32662 First vendor Publication 2024-04-23
Vendor Cve Last vendor Modification 2024-04-24

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector :
Cvss Base Score N/A Attack Range N/A
Cvss Impact Score N/A Attack Complexity N/A
Cvss Expoit Score N/A Authentication N/A
Calculate full CVSS 2.0 Vectors scores

Detail

FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients prior to version 3.5.1 are vulnerable to out-of-bounds read. This occurs when `WCHAR` string is read with twice the size it has and converted to `UTF-8`, `base64` decoded. The string is only used to compare against the redirection server certificate. Version 3.5.1 contains a patch for the issue. No known workarounds are available.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32662

Sources (Detail)

https://github.com/FreeRDP/FreeRDP/commit/626d10a94a88565d957ddc30768ed08b320...
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-vffh-j6hh-95f4
https://oss-fuzz.com/testcase-detail/4985227207311360
Source Url

Alert History

If you want to see full details history, please login or register.
0
1
Date Informations
2024-04-24 17:27:25
  • Multiple Updates
2024-04-24 00:27:29
  • First insertion