CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS
Percentile
94.3%
Multiple stack-based buffer overflows in the tsc_launch_remote function
(src/support.c) in Terminal Server Client (tsclient) 0.150, and possibly
other versions, allow user-assisted remote attackers to execute arbitrary
code via a .RDP file with a long (1) username, (2) password, or (3) domain
argument. NOTE: the provenance of this information is unknown; the details
are obtained solely from third party information.
Author | Note |
---|---|
jdstrand | likely similar to stack overflow in CVE-2011-0900 |