Rapid7 VulnDB

MS11-017: Vulnerability in Remote Desktop Client Could Allow Remote Code Execution (2508062)

Back to Search

MS11-017: Vulnerability in Remote Desktop Client Could Allow Remote Code Execution (2508062)

Severity
9
CVSS
(AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published
03/09/2011
Created
07/25/2018
Added
03/09/2011
Modified
09/09/2016

Description

This security update resolves a publicly disclosed vulnerability in Windows Remote Desktop Client. The vulnerability could allow remote code execution if a user opens a legitimate Remote Desktop configuration (.rdp) file located in the same network folder as a specially crafted library file. For an attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open a document from this location that is then loaded by a vulnerable application.

Solution(s)

  • WINDOWS-HOTFIX-MS11-017-07c7a225-474c-4610-b043-b5d54c6809ff
  • WINDOWS-HOTFIX-MS11-017-07ee74c1-23bd-452f-8e9b-09702326b2ae
  • WINDOWS-HOTFIX-MS11-017-09db8845-e371-4c9e-8569-435d68387816
  • WINDOWS-HOTFIX-MS11-017-3437a918-ef2d-4982-9745-1ab240379920
  • WINDOWS-HOTFIX-MS11-017-34df9b09-3679-4a0b-bff5-941fd435639c
  • WINDOWS-HOTFIX-MS11-017-4137123-legacy
  • WINDOWS-HOTFIX-MS11-017-436c10de-9ce8-4ff8-891c-3b52ad59d45f
  • WINDOWS-HOTFIX-MS11-017-4e846467-66e6-4fd2-b209-0a8390df4d1d
  • WINDOWS-HOTFIX-MS11-017-5683c41e-d5f0-4198-8cdd-e9df841f2791
  • WINDOWS-HOTFIX-MS11-017-5a40ee26-80c1-4ee7-893e-9e6862074e07
  • WINDOWS-HOTFIX-MS11-017-68bef8fb-00cc-4818-9994-ecf404bb2da4
  • WINDOWS-HOTFIX-MS11-017-6df148e9-fdcf-4d5d-a535-25eb15d16788
  • WINDOWS-HOTFIX-MS11-017-7205e9bb-a127-485e-b1bf-fc96fa872aa4
  • WINDOWS-HOTFIX-MS11-017-a3336914-7c62-4cbb-ab41-c0953d759556
  • WINDOWS-HOTFIX-MS11-017-abc3b0bf-467a-4d0f-bc7c-269e1188af47
  • WINDOWS-HOTFIX-MS11-017-d711cfc1-7de1-4dc4-81a3-0b706b7a9bc0
  • WINDOWS-HOTFIX-MS11-017-d8019fca-9924-46ad-b75c-c49f27a6a08b
  • WINDOWS-HOTFIX-MS11-017-d9df9053-a0ca-4b51-bd61-e1ba58da823e
  • WINDOWS-HOTFIX-MS11-017-dd71db47-65f9-4825-8b86-36c49579c415
  • WINDOWS-HOTFIX-MS11-017-dd9c7325-7a1c-4f3e-9445-1de44f1e1672

References

  • WINDOWS-HOTFIX-MS11-017-07c7a225-474c-4610-b043-b5d54c6809ff
  • WINDOWS-HOTFIX-MS11-017-07ee74c1-23bd-452f-8e9b-09702326b2ae
  • WINDOWS-HOTFIX-MS11-017-09db8845-e371-4c9e-8569-435d68387816
  • WINDOWS-HOTFIX-MS11-017-3437a918-ef2d-4982-9745-1ab240379920
  • WINDOWS-HOTFIX-MS11-017-34df9b09-3679-4a0b-bff5-941fd435639c
  • WINDOWS-HOTFIX-MS11-017-4137123-legacy
  • WINDOWS-HOTFIX-MS11-017-436c10de-9ce8-4ff8-891c-3b52ad59d45f
  • WINDOWS-HOTFIX-MS11-017-4e846467-66e6-4fd2-b209-0a8390df4d1d
  • WINDOWS-HOTFIX-MS11-017-5683c41e-d5f0-4198-8cdd-e9df841f2791
  • WINDOWS-HOTFIX-MS11-017-5a40ee26-80c1-4ee7-893e-9e6862074e07
  • WINDOWS-HOTFIX-MS11-017-68bef8fb-00cc-4818-9994-ecf404bb2da4
  • WINDOWS-HOTFIX-MS11-017-6df148e9-fdcf-4d5d-a535-25eb15d16788
  • WINDOWS-HOTFIX-MS11-017-7205e9bb-a127-485e-b1bf-fc96fa872aa4
  • WINDOWS-HOTFIX-MS11-017-a3336914-7c62-4cbb-ab41-c0953d759556
  • WINDOWS-HOTFIX-MS11-017-abc3b0bf-467a-4d0f-bc7c-269e1188af47
  • WINDOWS-HOTFIX-MS11-017-d711cfc1-7de1-4dc4-81a3-0b706b7a9bc0
  • WINDOWS-HOTFIX-MS11-017-d8019fca-9924-46ad-b75c-c49f27a6a08b
  • WINDOWS-HOTFIX-MS11-017-d9df9053-a0ca-4b51-bd61-e1ba58da823e
  • WINDOWS-HOTFIX-MS11-017-dd71db47-65f9-4825-8b86-36c49579c415
  • WINDOWS-HOTFIX-MS11-017-dd9c7325-7a1c-4f3e-9445-1de44f1e1672

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;