14 matches found
CVE-2019-17177
CVE-2019-17177 refers to a memory leak in FreeRDP: in libfreerdp/codec/region.c, a supplied realloc pointer (first argument) is also used for a realloc return value, leading to memory leaks in FreeRDP versions through 1.1.x and 2.x through 2.0.0-rc4. The connected documents confirm the vulnerable...
freerdp: Integer overflow leading to heap-based buffer overflow in gdi_Bitmap_Decompress() function
A flaw was found in freerdp in versions before versions 2.0.0-rc4. An integer overflow that leads to a heap-based buffer overflow in the gdiBitmapDecompress function leads to memory corruption. The highest threat from this vulnerability is to data confidentiality and integrity as well as system...
SUSE SLED15 / SLES15 Security Update : freerdp (SUSE-SU-2019:0539-1)
This update for freerdp to version 2.0.0rc4 fixes the following issues : Security issues fixed : CVE-2018-0886: Fix a remote code execution vulnerability CredSSP bsc1085416, bsc1087240, bsc1104918 CVE-2018-8789: Fix several denial of service vulnerabilities in the in the NTLM Authentication modul...
Design/Logic Flaw
FreeRDP prior to version 2.0.0-rc4 contains an Out-Of-Bounds Write of up to 4 bytes in function nscrledecode that results in a memory corruption and possibly even a remote code execution...
CVE-2018-8784
FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfxdecompresssegment that results in a memory corruption and probably even a remote code execution...
Heap overflow
FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfxdecompresssegment that results in a memory corruption and probably even a remote code execution...
Heap overflow
FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfxdecompress that results in a memory corruption and probably even a remote code execution...
CVE-2018-8786
FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer Overflow in function updatereadbitmapupdate and results in a memory corruption and probably even a remote code execution...
CVE-2018-8784
FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfxdecompresssegment that results in a memory corruption and probably even a remote code execution...
CVE-2018-8785
FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfxdecompress that results in a memory corruption and probably even a remote code execution...
CVE-2018-8786
FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer Overflow in function updatereadbitmapupdate and results in a memory corruption and probably even a remote code execution...
CVE-2018-8788
FreeRDP prior to version 2.0.0-rc4 contains an Out-Of-Bounds Write of up to 4 bytes in function nscrledecode that results in a memory corruption and possibly even a remote code execution...
CVE-2018-8784
FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfxdecompresssegment that results in a memory corruption and probably even a remote code execution...
CVE-2018-8785
FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfxdecompress that results in a memory corruption and probably even a remote code execution...