13 matches found
CVE-2020-11088
In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlmreadNegotiateMessage. This has been fixed in 2.1.0. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use...
CVE-2020-11086
In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlmreadntlmv2clientchallenge that reads up to 28 bytes out-of-bound to an internal structure. This has been fixed in 2.1.0. Mitigation Mitigation for this issue is either not available or the currently available options do...
CVE-2020-11043
In FreeRDP less than or equal to 2.0.0, there is an out-of-bounds read in rfxprocessmessagetileset. Invalid data fed to RFX decoder results in garbage on screen as colors. This has been patched in 2.1.0...
Huawei EulerOS: Security Advisory for freerdp (EulerOS-SA-2019-2580)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2018-1000852
FreeRDP FreeRDP 2.0.0-rc3 released version before commit 205c612820dac644d665b5bb1cdf437dc5ca01e3 contains a Other/Unknown vulnerability in channels/drdynvc/client/drdynvcmain.c, drdynvcprocesscapabilityrequest that can result in The RDP server can read the client's memory.. This attack appear to...
CVE-2018-8787
FreeRDP prior to version 2.0.0-rc4 contains an Integer Overflow that leads to a Heap-Based Buffer Overflow in function gdiBitmapDecompress and results in a memory corruption and probably even a remote code execution...
CVE-2017-2835
An exploitable code execution vulnerability exists in the RDP receive functionality of FreeRDP 2.0.0-beta1+android11. A specially crafted server response can cause an out-of-bounds write resulting in an exploitable condition. An attacker can compromise the server or use a man in the middle to...
Design/Logic Flaw
An exploitable code execution vulnerability exists in the authentication functionality of FreeRDP 2.0.0-beta1+android11. A specially crafted server response can cause an out-of-bounds write resulting in an exploitable condition. An attacker can compromise the server or use a man in the middle...
CVE-2017-2834
An exploitable code execution vulnerability exists in the authentication functionality of FreeRDP 2.0.0-beta1+android11. A specially crafted server response can cause an out-of-bounds write resulting in an exploitable condition. An attacker can compromise the server or use a man in the middle...
CVE-2017-2836
CVE-2017-2836 : FreeRDP contains an exploitable denial-of-service in the handling of proprietary server certificates. A specially crafted challenge packet can cause the program to terminate, resulting in a DoS condition. Affected component: FreeRDP 2.0.0-beta1+android11 (reading of server certifi...
CVE-2017-2839
CVE-2017-2839 affects FreeRDP 2.0.0-beta1+android11. A vulnerability in the handling of challenge packets can cause the program to terminate, leading to a denial of service. An attacker could exploit this over the network, potentially compromising the server or performing a man-in-the-middle atta...
CVE-2017-2837
Removed by vendor...
CVE-2017-2839
An exploitable denial of service vulnerability exists within the handling of challenge packets in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server or use man in the...