CVE-2022-23484

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-23484

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-23484.json

Aliases

GHSA-rqfx-5fv8-q9c6

Related

Published

2022-12-09T18:15:17Z

Modified

2023-11-29T09:26:56.899177Z

Details

xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a Integer Overflow in xrdpmmprocessrailupdatewindowtext() function. There are no known workarounds for this issue. Users are advised to upgrade.

References

Affected packages

Git / github.com/neutrinolabs/xrdp

Affected ranges

Type: GIT
Repo: https://github.com/neutrinolabs/xrdp
Events: Introduced

0The exact introduced commit is unknown

Fixed

83a4d55b144693eef7ba71314d99c875d3169e06

Affected versions

v0.*

v0.9.1

v0.9.10

v0.9.11

v0.9.12

v0.9.13

v0.9.13.1

v0.9.14

v0.9.15

v0.9.16

v0.9.17

v0.9.18

v0.9.18.1

v0.9.19

v0.9.2

v0.9.20

v0.9.3

v0.9.3.1

v0.9.3.rc1

v0.9.4

v0.9.4.rc1

v0.9.5

v0.9.6

v0.9.7

v0.9.8

v0.9.9