Back to directory
WRITEUP #3176

Remote Deserialization Bug in Microsoft's RDP Client through Smart Card Extension (CVE-2021-38666)

OtherMemory corruption
byValentino Ricotta
Bounty
5,000
Program
Microsoft
Published
Dec 10, 2021
Added to HackDex
Sep 15, 2022
Read Full Writeuphttps://thalium.github.io/blog/posts/deserialization-bug-through-rdp-smart-card-extension/
RELATED WRITEUPS
Ghost In The Ppl Part 1: Byovdll
OtherUse-After-Free
Part 2: From Byovdll To Arbitrary Code Execution In Lsass
OtherUse-After-Free
Ghost in the PPL Part 3: LSASS Memory Dump
OtherUse-After-Free
CVE-2024-37079:
OtherInteger underflow
Vulnerabilities in NodeJS C/C++ add-on extensions
OtherMemory corruption

Built with ❤️ by Shubham Rawat