CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2017-2835 – Ubuntu Security Notice USN-3380-1
https://notcve.org/view.php?id=CVE-2017-2835
01 Aug 2017 — An exploitable code execution vulnerability exists in the RDP receive functionality of FreeRDP 2.0.0-beta1+android11. A specially crafted server response can cause an out-of-bounds write resulting in an exploitable condition. An attacker can compromise the server or use a man in the middle to trigger this vulnerability. Existe una vulnerabilidad explotable de ejecución de código en la funcionalidad RDP receive de FreeRDP 2.0.0-beta1+android11. Una respuesta del servidor especialmente manipulada podría provo... • https://www.debian.org/security/2017/dsa-3923 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2017-2834 – Ubuntu Security Notice USN-3380-1
https://notcve.org/view.php?id=CVE-2017-2834
01 Aug 2017 — An exploitable code execution vulnerability exists in the authentication functionality of FreeRDP 2.0.0-beta1+android11. A specially crafted server response can cause an out-of-bounds write resulting in an exploitable condition. An attacker can compromise the server or use a man in the middle attack to trigger this vulnerability. Existe una vulnerabilidad explotable de ejecución de código en la funcionalidad de autenticación de FreeRDP 2.0.0-beta1+android11. Una respuesta del servidor especialmente manipula... • http://www.securityfocus.com/bid/99942 • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2017-2837 – Ubuntu Security Notice USN-3380-1
https://notcve.org/view.php?id=CVE-2017-2837
01 Aug 2017 — An exploitable denial of service vulnerability exists within the handling of security data in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server or use man in the middle to trigger this vulnerability. Existe una vulnerabilidad explotable de denegación de servicio (DoS) en la gestión de datos de seguridad en FreeRDP 2.0.0-beta1+android11. Un paquete challenge especialmente manipu... • http://www.securityfocus.com/bid/99942 • CWE-190: Integer Overflow or Wraparound •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2017-2836 – Ubuntu Security Notice USN-3380-1
https://notcve.org/view.php?id=CVE-2017-2836
01 Aug 2017 — An exploitable denial of service vulnerability exists within the reading of proprietary server certificates in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server or use man in the middle to trigger this vulnerability. Existe una vulnerabilidad explotable de denegación de servicio (DoS) en la lectura de certificados propietarios del servidor en FreeRDP 2.0.0-beta1+android11. Un p... • http://www.securityfocus.com/bid/99942 • CWE-295: Improper Certificate Validation •
CVSS: 7.5EPSS: 2%CPEs: 3EXPL: 0CVE-2013-4118
https://notcve.org/view.php?id=CVE-2013-4118
03 Oct 2016 — FreeRDP before 1.1.0-beta1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified vectors. FreeRDP en versiones anteriores a 1.1.0-beta1 permite a atacantes remotos provocar una denegación de servicio (referencia a puntero NULL y caída de aplicación) a través de vectores no especificados. • http://lists.opensuse.org/opensuse-updates/2016-09/msg00101.html • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2013-4119
https://notcve.org/view.php?id=CVE-2013-4119
03 Oct 2016 — FreeRDP before 1.1.0-beta+2013071101 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by disconnecting before authentication has finished. FreeRDP en versiones anteriores a 1.1.0-beta+2013071101 permite a atacantes remotos provocar una denegación de servicio (referencia a puntero NULL y caída de aplicación) desconectando antes de que la autenticación haya finalizado. • http://www.openwall.com/lists/oss-security/2013/07/11/12 • CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 1%CPEs: 5EXPL: 0CVE-2014-0250 – Gentoo Linux Security Advisory 201412-18
https://notcve.org/view.php?id=CVE-2014-0250
16 Nov 2014 — Multiple integer overflows in client/X11/xf_graphics.c in FreeRDP allow remote attackers to have an unspecified impact via the width and height to the (1) xf_Pointer_New or (2) xf_Bitmap_Decompress function, which causes an incorrect amount of memory to be allocated. Múltiples desbordamientos de enteros en client/x11/xf_graphics.c en FreeRDP permite a atacantes remotos tener un impacto no especificado a través de la anchura y la altura de la función (1) xf_Pointer_New o (2) xf_Bitmap_Decompress, lo que prov... • http://advisories.mageia.org/MGASA-2014-0287.html • CWE-189: Numeric Errors •
CVSS: 9.8EPSS: 1%CPEs: 3EXPL: 0CVE-2014-0791 – Ubuntu Security Notice USN-3380-1
https://notcve.org/view.php?id=CVE-2014-0791
03 Jan 2014 — Integer overflow in the license_read_scope_list function in libfreerdp/core/license.c in FreeRDP through 1.0.2 allows remote RDP servers to cause a denial of service (application crash) or possibly have unspecified other impact via a large ScopeCount value in a Scope List in a Server License Request packet. Desbordamiento de entero en la función license_read_scope_list en libfreerdp/core/license.c FreeRDP hasta la versión 1.0.2 permite a servidores RDP remotos causar denegación de servicio (caída de la apli... • http://advisories.mageia.org/MGASA-2014-0287.html • CWE-189: Numeric Errors •