36 matches found
Astra Linux – Vulnerability in freerdp2
FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The affected versions have a flaw in offset validation, which can lead to an out-of-bounds read. In the libfreerdp/codec/rfx.c file, there is no validation for the offsets in tile-quantIdxY,...
Astra Linux – Vulnerability in freerdp2
FreeRDP is a free implementation of the Remote Desktop Protocol. Clients that use versions of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read vulnerabilities. Versions 3.5.0 and 2.11.6 address this issue. As a workaround, use the /gfx or /rfx modes default setting; requires...
freerdp security update
2:2.11.7-7 - Update CLEARVBARENTRY size after alloc CVE-2026-33984 - Fail progressiverfxquantsub on invalid values CVE-2026-33983 Resolves: RHEL-162949, RHEL-162965...
freerdp security update
2:2.11.7-1.6 - Update CLEARVBARENTRY size after alloc CVE-2026-33984 - Fail progressiverfxquantsub on invalid values CVE-2026-33983 Resolves: RHEL-162958, RHEL-162978...
freerdp security update
2:3.10.3-5.6 - Update CLEARVBARENTRY size after alloc CVE-2026-33984 - Fail progressiverfxquantsub on invalid values CVE-2026-33983 Resolves: RHEL-162946, RHEL-162962...
EUVD-2020-3427
Malware in sbrugna...
CVE-2021-39595
An issue was discovered in swftools through 20200710. A stack-buffer-overflow exists in the function rfxalloc located in mem.c. It allows an attacker to cause code Execution...
Fedora 40 : xrdp (2024-e142be4915)
The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-e142be4915 advisory. Release notes for xrdp v0.10.1 2024/07/31 General announcements A clipboard bugfix included in this release is sponsored by Krmer Pferdesport GmbH & Co KG. W...
Fedora 39 : xrdp (2024-41c1bf8de6)
The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-41c1bf8de6 advisory. Release notes for xrdp v0.10.1 2024/07/31 General announcements A clipboard bugfix included in this release is sponsored by Krmer Pferdesport GmbH & Co KG. W...
CVE-2024-32458
FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, use /gfx or /rfx modes on by default, require server side...
UBUNTU-CVE-2024-32458
FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, use /gfx or /rfx modes on by default, require server side...
CVE-2024-32460 FreeRDP Out-Of-Bounds Read in interleaved_decompress
FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based based clients using /bpp:32 legacy GDI drawing path with a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, use modern drawin...
CVE-2024-32041
FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, deactivate /gfx on by default, set /bpp or /rfx options...
CVE-2024-32458 FreeRDP Out-Of-Bounds Read in planar_skip_plane_rle
FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, use /gfx or /rfx modes on by default, require server side...
CVE-2024-32458
FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, use /gfx or /rfx modes on by default, require server side...
CVE-2024-32041
FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, deactivate /gfx on by default, set /bpp or /rfx options...
CVE-2024-22915
A heap-use-after-free was found in SWFTools v0.9.2, in the function swfDeleteTag at rfxswf.c:1193. It allows an attacker to cause code execution...
OESA-2023-1656 freerdp security update
FreeRDP is a client implementation of the Remote Desktop Protocol RDP that follows Microsoft's open specifications. This package provides the client applications xfreerdp and wlfreerdp. Security Fixes: FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache...
The vulnerability in the `libfreerdp/codec/rfx.c` component of the RDP client FreeRDP, related to the occurrence of operations outside the buffer boundaries in memory, allows a hacker to trigger a service failure.
The vulnerability in the libfreerdp/codec/rfx.c component of the RDP client FreeRDP is related to the issue where operations are performed outside of the buffer boundaries in memory when processing parameters tile-quantIdxY, tile-quantIdxCb, and tile-quantIdxCr. Exploiting this vulnerability can...
DEBIAN-CVE-2023-39353
FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to a missing offset validation leading to Out Of Bound Read. In the libfreerdp/codec/rfx.c file there is no offset validation in tile-quantIdxY, tile-quantIdxCb, a...