Lucene search
+L

5 matches found

redhat
redhat
added 2024/11/12 9:36 a.m.6 views

freerdp: OutOfBound Read in zgfx_decompress_segment

FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, deactivate /gfx on by default, set /bpp or /rfx options...

9.8CVSS5.8AI score0.0195EPSS
Exploits1References5
susecve
susecve
added 2024/04/24 2:48 a.m.2 views

SUSE CVE-2024-32039

FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients using a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to integer overflow and out-of-bounds write. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, do not use /gfx options e.g. deactivat...

7.5CVSS9.3AI score0.02275EPSS
Exploits0References6
osv
osv
added 2024/04/23 12:0 a.m.2 views

UBUNTU-CVE-2024-32039

FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients using a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to integer overflow and out-of-bounds write. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, do not use /gfx options e.g. deactivat...

9.8CVSS7.4AI score0.02275EPSS
Exploits0References9
redhat
redhat
added 2021/05/18 2:41 p.m.6 views

freerdp: integer overflow due to missing input sanitation in rdpegfx channel

In FreeRDP less than or equal to 2.1.2, an integer overflow exists due to missing input sanitation in rdpegfx channel. All FreeRDP clients are affected. The input rectangles from the server are not checked against local surface coordinates and blindly accepted. A malicious server can send data th...

3.5CVSS5.8AI score0.01466EPSS
Exploits0References5
osv
osv
added 2020/07/27 6:15 p.m.1 views

DEBIAN-CVE-2020-15103

In FreeRDP less than or equal to 2.1.2, an integer overflow exists due to missing input sanitation in rdpegfx channel. All FreeRDP clients are affected. The input rectangles from the server are not checked against local surface coordinates and blindly accepted. A malicious server can send data th...

3.5CVSS6.8AI score0.01466EPSS
Exploits0References1
Rows per page
Query Builder