CVE-2009-1133Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft Windows Server

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer2 documents2 sources
Severity
9.3CRITICALNVD
EPSS
67.1%
top 1.44%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Microsoft Windows Server
Timeline
PublishedAug 12
Latest updateMay 2

Description

Heap-based buffer overflow in Microsoft Remote Desktop Connection (formerly Terminal Services Client) running RDP 5.0 through 6.1 on Windows, and Remote Desktop Connection Client for Mac 2.0, allows remote attackers to execute arbitrary code via unspecified parameters, aka "Remote Desktop Connection Heap Overflow Vulnerability."

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

Patches

Patch: www.vupen.comPatch: www.vupen.com

🔴Vulnerability Details

1
GHSA
GHSA-x679-rfx3-vg73: Heap-based buffer overflow in Microsoft Remote Desktop Connection (formerly Terminal Services Client) running RDP 52022-05-02
CVE-2009-1133 — Microsoft Windows Server vulnerability | cvebase