freerdp: zgfx_decompress out of memory

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.5.1, a malicious server can crash the FreeRDP client by sending invalid huge allocation size. Version 3.5.1 contains a patch for the issue. No known workarounds are available...

SUSE CVE-2023-40181

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to an Integer-Underflow leading to Out-Of-Bound Read in the zgfxdecompresssegment function. In the context of CopyMemory, it's possible to read data beyond the...

SUSE CVE-2018-8785

FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfxdecompress that results in a memory corruption and probably even a remote code execution...

FreeRDP Buffer Overflow Vulnerability (CNVD-2019-00653)

FreeRDP is a free, open source implementation of the Remote Desktop Protocol RDP developed by the FreeRDP team. A heap buffer overflow vulnerability exists in the 'zgfxdecompress' function in versions of FreeRDP prior to 2.0.0-rc4, which can be exploited by a remote attacker to cause a denial of...

CVE-2018-8784

FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfxdecompresssegment that results in a memory corruption and probably even a remote code execution...