CVE-2012-4415

Name of the Vulnerable Software and Affected Versions Guacamole versions prior to 0.6.3

Description The issue is related to a stack-based buffer overflow in the guac client plugin open function in libguac. This can be exploited by remote attackers to cause a denial of service (crash) or execute arbitrary code via a long protocol name.

Recommendations For versions prior to 0.6.3, update to version 0.6.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the guac client plugin open function until a patch is available.