24 matches found
Out-of-bounds Read
libfreerdp.so is vulnerable to an out-of-bounds read. The vulnerability is due to inadequate bounds checking in the zgfxdecompresssegment function because the variable count is not checked against StreamGetRemainingLength. This could allow an attacker to potentially access sensitive information o...
The vulnerability of the zgfx_decompress_segment() function in the RDP client FreeRDP, which allows a hacker to disclose protected information
The vulnerability of the zgfxdecompresssegment function in the RDP client FreeRDP involves reading beyond the memory boundaries. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information that is protected by this function...
CVE-2024-32041 FreeRDP OutOfBound Read in zgfx_decompress_segment
FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, deactivate /gfx on by default, set /bpp or /rfx options...
CVE-2024-32041
FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, deactivate /gfx on by default, set /bpp or /rfx options...
CVE-2024-32041 FreeRDP OutOfBound Read in zgfx_decompress_segment
FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, deactivate /gfx on by default, set /bpp or /rfx options...
Out-Of-Bound Read
libfreerdp.so is vulnerable to Out-Of-Bound Read. The vulnerability exists due to the integer underflow in the cBitsRemaining calculation in the zgfxdecompresssegment function of zgfx.c, which allows an attacker to read data beyond the transmitted packet range in the context of CopyMemory, leadin...
CVE-2023-40181
FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to an Integer-Underflow leading to Out-Of-Bound Read in the zgfxdecompresssegment function. In the context of CopyMemory, it's possible to read data beyond the...
CVE-2023-40181
FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to an Integer-Underflow leading to Out-Of-Bound Read in the zgfxdecompresssegment function. In the context of CopyMemory, it's possible to read data beyond the...
CVE-2023-40181
FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to an Integer-Underflow leading to Out-Of-Bound Read in the zgfxdecompresssegment function. In the context of CopyMemory, it's possible to read data beyond the...
Integer overflow
FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to an Integer-Underflow leading to Out-Of-Bound Read in the zgfxdecompresssegment function. In the context of CopyMemory, it's possible to read data beyond the...
CVE-2023-40181 Integer-Underflow leading to Out-Of-Bound Read in FreeRDP
FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to an Integer-Underflow leading to Out-Of-Bound Read in the zgfxdecompresssegment function. In the context of CopyMemory, it's possible to read data beyond the...
CVE-2023-40181
FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to an Integer-Underflow leading to Out-Of-Bound Read in the zgfxdecompresssegment function. In the context of CopyMemory, it's possible to read data beyond the...
CVE-2023-40181
CVE-2023-40181 (FreeRDP) is an integer-underflow in the zgfx_decompress_segment path that can cause an out-of-bounds read during CopyMemory, potentially crashing the client. Affected are FreeRDP variants implementing RDP; the issue is fixed in versions 2.11.0 and 3.0.0-beta3. The vulnerability st...
CVE-2023-40181 Integer-Underflow leading to Out-Of-Bound Read in FreeRDP
FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to an Integer-Underflow leading to Out-Of-Bound Read in the zgfxdecompresssegment function. In the context of CopyMemory, it's possible to read data beyond the...
The vulnerability of the zgfx_decompress_segment() function in the ZGFX decoder of the FreeRDP remote desktop protocol allows a hacker to trigger a service failure.
The vulnerability of the zgfxdecompresssegment function in the ZGFX decoder of the FreeRDP remote desktop protocol lies in the fact that the operation for checking the length of input data occurs outside the buffer. Exploiting this vulnerability could allow a malicious actor to cause service...
Vulnerability of the zgfx_decompress_segment() function in the RDP client FreeRDP, allowing a hacker to execute arbitrary code
The vulnerability of the zgfxdecompresssegment function in the RDP client FreeRDP arises from an operation that occurs outside the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
CVE-2018-8784
FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfxdecompresssegment that results in a memory corruption and probably even a remote code execution...
Heap overflow
FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfxdecompresssegment that results in a memory corruption and probably even a remote code execution...
CVE-2018-8784
FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfxdecompresssegment that results in a memory corruption and probably even a remote code execution...
CVE-2018-8784
FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfxdecompresssegment that results in a memory corruption and probably even a remote code execution...