Remote Desktop Services Remote Code Execution Vulnerability - CVE-2019-0887ID: oval:org.secpod.oval:def:57266 | Date: (C)2019-07-10 (M)2024-03-06 |
Class: VULNERABILITY | Family: windows |
A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an authenticated attacker abuses clipboard redirection. An attacker who successfully exploited this vulnerability could execute arbitrary code on the victim system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.To exploit this vulnerability, an attacker must already have compromised a system running Remote Desktop Services, and then wait for a victim system to connect to Remote Desktop Services.The update addresses the vulnerability by correcting how Remote Desktop Services handles clipboard redirection.
Platform: |
Microsoft Windows Server |
Microsoft Windows 10 |
Microsoft Windows 7 |
Microsoft Windows 8.1 |
Microsoft Windows Server 2008 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows Server 2012 |
Microsoft Windows Server 2012 R2 |
Microsoft Windows Server 2016 |
Microsoft Windows Server 2019 |
Microsoft Windows 11 |
Microsoft Windows Server 2022 |
Product: |
Microsoft Remote Desktop Client |