39 matches found
Astra Linux – Vulnerability in freerdp2
FreeRDP is a free remote desktop protocol library and client. In affected versions, there is an out-of-bound read in the ZGFX decoder component of FreeRDP. A malicious server can trick a FreeRDP-based client into reading out-of-bound data and attempting to decode it, potentially leading to a cras...
Astra Linux – Vulnerability in freerdp2
FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP lack a range check for the input offset index in the ZGFX decoder. A malicious server can trick a FreeRDP-based client into reading out-of-bound data and attempting to decode it. This issue has been...
MiracleLinux 9 : freerdp-2.4.1-5.el9 (AXSA:2023-5536:02)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5536:02 advisory. freerdp: clients using /parallel command line switch might read uninitialized data CVE-2022-39282 freerdp: clients using the /video command line...
MiracleLinux 8 : freerdp-2.2.0-10.el8 (AXSA:2023-5972:03)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5972:03 advisory. freerdp: clients using /parallel command line switch might read uninitialized data CVE-2022-39282 freerdp: clients using the /video command line...
EUVD-2022-41801
Malicious code in bioql PyPI...
EUVD-2022-41800
Malicious code in bioql PyPI...
GLSA-202401-16 : FreeRDP: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202401-16 FreeRDP: Multiple Vulnerabilities - FreeRDP is a free remote desktop protocol library and clients. In affected versions there is an out of bound read in ZGFX decoder component of FreeRDP. A malicious server can trick a...
freerdp: out of bounds read in zgfx decoder
An out-of-bounds read vulnerability was found in the ZGFX decoder component of FreeRDP. A malicious server can trick a FreeRDP based client to read out-of-bound data and try to decode it. This will result in a crash, causing a denial of service...
freerdp: undefined behaviour in zgfx decoder
An out-of-bounds read vulnerability was discovered in FreeRDP due to missing a range check for input offset index in the ZGFX decoder. A malicious server can trick a FreeRDP based client to read out-of-bound data and try to decode it, resulting in a crash...
freerdp: undefined behaviour in zgfx decoder
An out-of-bounds read vulnerability was discovered in FreeRDP due to missing a range check for input offset index in the ZGFX decoder. A malicious server can trick a FreeRDP based client to read out-of-bound data and try to decode it, resulting in a crash...
freerdp: out of bounds read in zgfx decoder
An out-of-bounds read vulnerability was found in the ZGFX decoder component of FreeRDP. A malicious server can trick a FreeRDP based client to read out-of-bound data and try to decode it. This will result in a crash, causing a denial of service...
SUSE CVE-2022-39316
FreeRDP is a free remote desktop protocol library and clients. In affected versions there is an out of bound read in ZGFX decoder component of FreeRDP. A malicious server can trick a FreeRDP based client to read out of bound data and try to decode it likely resulting in a crash. This issue has be...
SUSE SLED12 / SLES12 Security Update : freerdp (SUSE-SU-2023:0400-1)
The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0400-1 advisory. - FreeRDP is a free remote desktop protocol library and clients. In affected versions there is an out of bound...
Huawei EulerOS: Security Advisory for freerdp (EulerOS-SA-2023-1313)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
freerdp -- multiple vulnerabilities
FreeRDP reports: GHSA-5w4j-mrrh-jjrm: Out of bound read in zgfx decoder. GHSA-99cm-4gw7-c8jh: Undefined behaviour in zgfx decoder. GHSA-387j-8j96-7q35: Division by zero in urbdrc channel. GHSA-mvxm-wfj2-5fvh: Missing length validation in urbdrc channel. GHSA-qfq2-82qr-7f4j: Heap buffer overflow i...
Updated freerdp packages fix security vulnerability
In affected versions there is an out of bound read in ZGFX decoder component of FreeRDP. A malicious server can trick a FreeRDP based client to read out of bound data and try to decode it likely resulting in a crash. CVE-2022-39316 Affected versions of FreeRDP are missing a range check for input...
OESA-2022-2112 freerdp security update
FreeRDP is a client implementation of the Remote Desktop Protocol RDP that follows Microsoft's open specifications. This package provides the client applications xfreerdp and wlfreerdp. Security Fixes: FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are...
The vulnerability of the ZGFX decoder in the implementation of the remote desktop protocol FreeRDP allows a intruder to gain unauthorized access to protected information.
The vulnerability of the ZGFX decoder in the implementation of the remote desktop protocol FreeRDP stems from the operation of pushing the index range beyond the buffer boundaries when checking the index with a shift. Exploiting this vulnerability can allow an intruder to gain unauthorized access...
Out Of Bound Reads
freerdp is vulnerable to out-of-bound reads. The vulnerability exists due to missing a range check for input offset index in ZGFX decoder which allows an attacker read out of bound data and send it back to the server...
ROS-20221121-02
A vulnerability in the FreeRDP remote desktop protocol implementation is related to the fact that there is no range check for the input offset index in the ZGFX decoder. Exploitation of the vulnerability could allow an attacker acting remotely to read the associated data and attempt to decode it...