This vulnerability allows remote malicious users to disclose sensitive information on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must open a remote desktop session to a host that has been compromised or otherwise under control of an attacker. The specific flaw exists within the Remote Desktop client. A crafted audio packet can trigger access to memory prior to initialization. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the Remote Desktop client process.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft windows server 2012 r2 |
||
microsoft windows server 2016 - |
||
microsoft windows server 2008 - |
||
microsoft windows server 2012 - |
||
microsoft windows server 2019 - |
||
microsoft windows server 2022 - |
||
microsoft windows 10 20h2 |
||
microsoft windows 11 21h2 |
||
microsoft windows 10 21h2 |
||
microsoft windows 11 22h2 |
||
microsoft windows 10 22h2 |
||
microsoft windows 10 1809 |
||
microsoft windows 10 1607 |
||
microsoft windows 10 1507 |
||
microsoft remote desktop |