Apache Guacamole 1.5.1 and older may incorrectly calculate the lengths of instruction elements sent during the Guacamole protocol handshake, potentially allowing an attacker to inject Guacamole instructions during the handshake through specially-crafted data.
References
Link | Resource |
---|---|
https://lists.apache.org/thread/tn63n2lon0h5p45oft834t1dqvvxownv | Mailing List Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: apache
Published: 2023-06-07T08:06:36.061Z
Updated: 2023-06-15T07:28:16.579Z
Reserved: 2023-04-12T20:53:54.616Z
Link: CVE-2023-30575
JSON object: View
NVD Information
Status : Modified
Published: 2023-06-07T09:15:09.993
Modified: 2023-06-15T08:15:09.223
Link: CVE-2023-30575
JSON object: View
Redhat Information
No data.
CWE