CVE-2022-23478

CRITICAL Year: 2022
CVSS v3 Score
9.8
Critical
Weakness Type
CWE-787
View all →

Vulnerability Description

xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a Out of Bound Write in xrdp_mm_trans_process_drdynvc_channel_open() function. There are no known workarounds for this issue. Users are advised to upgrade.

Related Vulnerabilities

CVE-2007-0899

CRITICAL
CVSS:9.8(Critical)

There is a possible heap overflow in libclamav/fsg.c before 0.100.0.

CWE-7872007

CVE-2010-4344

CRITICAL
CVSS:9.8(Critical)

Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session that includes two MAIL commands in conju...

CWE-7872010

CVE-2011-1180

CRITICAL
CVSS:9.8(Critical)

Multiple stack-based buffer overflows in the iriap_getvaluebyclass_indication function in net/irda/iriap.c in the Linux kernel before 2.6.39 allow remote attackers to cause a denial of service (memory...

CWE-7872011

CVE-2011-2462

CRITICAL
CVSS:9.8(Critical)

Unspecified vulnerability in the U3D component in Adobe Reader and Acrobat 10.1.1 and earlier on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX, allows remote attackers to execute ar...

CWE-7872011

CVE-2011-4372

CRITICAL
CVSS:9.8(Critical)

Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors,...

CWE-7872011