Astra Linux - уязвимость в freerdp2

FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP lack a range check for the input offset index in the ZGFX decoder. A malicious server can trick a FreeRDP-based client into reading out-of-bound data and attempting to decode it. This issue has been...

Astra Linux - уязвимость в freerdp2

FreeRDP is a free remote desktop protocol library and client. In affected versions, there is an out-of-bound read in the ZGFX decoder component of FreeRDP. A malicious server can trick a FreeRDP-based client into reading out-of-bound data and attempting to decode it, potentially leading to a cras...

Astra Linux - уязвимость в freerdp2

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The affected versions are subject to an integer underflow leading to out-of-bounds read operations in the zgfxdecompresssegment function. In the context of CopyMemory, it’s possible to read dat...

MiracleLinux 9 : freerdp-2.4.1-5.el9 (AXSA:2023-5536:02)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5536:02 advisory. freerdp: clients using /parallel command line switch might read uninitialized data CVE-2022-39282 freerdp: clients using the /video command line...

MiracleLinux 8 : freerdp-2.2.0-10.el8 (AXSA:2023-5972:03)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5972:03 advisory. freerdp: clients using /parallel command line switch might read uninitialized data CVE-2022-39282 freerdp: clients using the /video command line...

EUVD-2022-41800

Malicious code in bioql PyPI...

EUVD-2022-41801

Malicious code in bioql PyPI...

freerdp: zgfx_decompress out of memory

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.5.1, a malicious server can crash the FreeRDP client by sending invalid huge allocation size. Version 3.5.1 contains a patch for the issue. No known workarounds are available...

freerdp: OutOfBound Read in zgfx_decompress_segment

FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, deactivate /gfx on by default, set /bpp or /rfx options...

freerdp: integer-Underflow leading to Out-Of-Bound Read in zgfx_decompress_segment

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to an Integer-Underflow leading to Out-Of-Bound Read in the zgfxdecompresssegment function. In the context of CopyMemory, it's possible to read data beyond the...

GLSA-202401-16 : FreeRDP: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202401-16 FreeRDP: Multiple Vulnerabilities - FreeRDP is a free remote desktop protocol library and clients. In affected versions there is an out of bound read in ZGFX decoder component of FreeRDP. A malicious server can trick a...

SUSE CVE-2023-40181

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to an Integer-Underflow leading to Out-Of-Bound Read in the zgfxdecompresssegment function. In the context of CopyMemory, it's possible to read data beyond the...

DEBIAN-CVE-2023-40181

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to an Integer-Underflow leading to Out-Of-Bound Read in the zgfxdecompresssegment function. In the context of CopyMemory, it's possible to read data beyond the...

UBUNTU-CVE-2023-40181

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to an Integer-Underflow leading to Out-Of-Bound Read in the zgfxdecompresssegment function. In the context of CopyMemory, it's possible to read data beyond the...

FreeRDP 数字错误漏洞

FreeRDP is an open source implementation of the Remote Desktop Protocol RDP from the FreeRDP team. FreeRDP suffers from a numeric error vulnerability that stems from an integer overflow in the zgfxdecompresssegment function that results in an out-of-bounds read...

PT-2023-4664 · Freerdp +8 · Freerdp +8

Name of the Vulnerable Software and Affected Versions: FreeRDP versions prior to 2.11.0 FreeRDP versions prior to 3.0.0-beta3 Description: The issue is related to an Integer-Underflow leading to Out-Of-Bound Read in the zgfx decompress segment function. In the context of CopyMemory, it's possible...

freerdp security update

2:2.2.0-10 - Fix 'implicit declaration of function' errors 2136153, 2145139 - 2:2.2.0-9 - CVE-2022-39282: Fix length checks in parallel driver 2136151 - CVE-2022-39283: Add missing length check in video channel 2136153 - CVE-2022-39316, CVE-2022-39317: Add missing length checks in zgfx 2145139 -...

freerdp: out of bounds read in zgfx decoder

An out-of-bounds read vulnerability was found in the ZGFX decoder component of FreeRDP. A malicious server can trick a FreeRDP based client to read out-of-bound data and try to decode it. This will result in a crash, causing a denial of service...

freerdp: undefined behaviour in zgfx decoder

An out-of-bounds read vulnerability was discovered in FreeRDP due to missing a range check for input offset index in the ZGFX decoder. A malicious server can trick a FreeRDP based client to read out-of-bound data and try to decode it, resulting in a crash...

freerdp: out of bounds read in zgfx decoder

An out-of-bounds read vulnerability was found in the ZGFX decoder component of FreeRDP. A malicious server can trick a FreeRDP based client to read out-of-bound data and try to decode it. This will result in a crash, causing a denial of service...