8 matches found
Astra Linux – Vulnerability in freerdp2
FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The affected versions are vulnerable to a Out-of-Bounds Read vulnerability in the nscrledecompressdata function. This vulnerability occurs because the function processes context-Planes without...
SUSE CVE-2023-40187
FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions of the 3.x beta branch are subject to a Use-After-Free issue in the avc420ensurebuffer and avc444ensurebuffer functions. If the value of piDstSizex is 0, ppYUVDstDatax will be...
UBUNTU-CVE-2023-40575
FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to an Out-Of-Bounds Read in the generalYUV444ToRGB8uP3AC4RBGRX function. This issue is likely down to insufficient data for the pSrc variable and results in crashe...
UBUNTU-CVE-2023-40569
FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to an Out-Of-Bounds Write in the progressivedecompress function. This issue is likely down to incorrect calculations of the nXSrc and nYSrc variables. This issue h...
UBUNTU-CVE-2023-39353
FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to a missing offset validation leading to Out Of Bound Read. In the libfreerdp/codec/rfx.c file there is no offset validation in tile-quantIdxY, tile-quantIdxCb, a...
UBUNTU-CVE-2023-39355
FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Versions of FreeRDP on the 3.x release branch before beta3 are subject to a Use-After-Free in processing RDPGFXCMDIDRESETGRAPHICS packets. If context-maxPlaneSize is 0, context-planesBuffer wil...
UBUNTU-CVE-2023-39350
FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. This issue affects Clients only. Integer underflow leading to DOS e.g. abort due to WINPRASSERT with default compilation flags. When an insufficient blockLen is provided, and proper length...
PT-2023-4666 · Freerdp +8 · Freerdp +8
Name of the Vulnerable Software and Affected Versions: FreeRDP versions prior to 2.11.0 FreeRDP versions prior to 3.0.0-beta3 Description: The issue affects FreeRDP clients only and is related to an integer underflow leading to a Denial of Service DOS vulnerability. When an insufficient blockLen ...