Published on 07/02/11 - Updated on 17/08/17
Multiple stack-based buffer overflows in the tsc_launch_remote function (src/support.c) in Terminal Server Client (tsclient) 0.150, and possibly other versions, allow user-assisted remote attackers to execute arbitrary code via a .RDP file with a long (1) username, (2) password, or (3) domain argument. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CWE-119 (Buffer Errors)
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.