CVE-2017-2836

Summary

An exploitable denial of service vulnerability exists within the reading of proprietary server certificates in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server or use man in the middle to trigger this vulnerability.

Affected Software

VendorProductVersion RangeStatus
FreeRDPFreeRDP2.0.0-beta1+android11 - Windows, OSX, Linuxaffected

Weaknesses

  • denial of service

ADP Enrichment

CVE Program Container

Additional References

References