8 matches found
Astra Linux - уязвимость в freerdp3
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a malicious RDP server can trigger a heap buffer overflow in FreeRDP clients using the GDI surface pipeline e.g., xfreerdp by sending an RDPGFX ClearCodec surface command with an out-of-bounds destination...
Astra Linux - уязвимость в freerdp3
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfAppUpdateWindowFromSurface reuses a cached XImage whose data pointer references a freed RDPGFX surface buffer, because gdiDeleteSurface frees surface-data without invalidating the appWindow-image that...
FreeRDP 安全漏洞
FreeRDP is an open-source implementation of the Remote Desktop Protocol RDP by the FreeRDP team. Versions of FreeRDP prior to 3.24.0 contained security vulnerabilities. These vulnerabilities stemmed from the gdisurfacebits function not properly verifying the bmp.width and bmp.height values provid...
EUVD-2026-8739
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a malicious RDP server can trigger a heap buffer overflow in FreeRDP clients using the GDI surface pipeline e.g., xfreerdp by sending an RDPGFX ClearCodec surface command with an out-of-bounds destination...
EUVD-2026-8735
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfAppUpdateWindowFromSurface reuses a cached XImage whose data pointer references a freed RDPGFX surface buffer, because gdiDeleteSurface frees surface-data without invalidating the appWindow-image that...
freerdp: FreeRDP: Heap buffer overflow via crafted RDPGFX surface updates leads to denial of service and potential code execution.
A flaw was found in FreeRDP. A malicious server can exploit an out-of-bounds read/write vulnerability in the ClearCodec component by sending crafted RDPGFX surface updates. This can trigger a client-side heap buffer overflow, leading to a crash Denial of Service DoS and potential heap corruption...
PT-2026-22012
Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.23.0 Description FreeRDP is a free implementation of the Remote Desktop Protocol. A flaw exists in the xf AppUpdateWindowFromSurface function where a cached XImage’s data pointer can reference a freed RDPGFX surface...
SUSE CVE-2015-5261
Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to read and write to arbitrary memory locations on the host via guest QXL commands related to surface creation...