Apache Guacamole 0.9.10 up to and including 1.5.1 may continue to reference a freed RDP audio input buffer. Depending on timing, this may allow an malicious user to execute arbitrary code with the privileges of the guacd process.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache guacamole |