CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2018-8796 – Debian Security Advisory 4394-1
https://notcve.org/view.php?id=CVE-2018-8796
05 Feb 2019 — rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function process_bitmap_updates() that results in a Denial of Service (segfault). Las versiones de rdesktop, hasta la v1.8.3 (inclusivas), contienen una lectura fuera de límites en la función process_bitmap_updates(), lo que resulta en una denegación de servicio (segfault). Multiple vulnerabilities have been discovered in rdesktop, the worst of which could result in the remote execution of arbitrary code. Versions less than 1.8.4 ... • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00040.html • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 9.8EPSS: 6%CPEs: 4EXPL: 0CVE-2018-8797 – Debian Security Advisory 4394-1
https://notcve.org/view.php?id=CVE-2018-8797
05 Feb 2019 — rdesktop versions up to and including v1.8.3 contain a Heap-Based Buffer Overflow in function process_plane() that results in a memory corruption and probably even a remote code execution. Las versiones de rdesktop, hasta la v1.8.3 (inclusivas), contienen un desbordamiento de búfer basado en memoria dinámica (heap) en la función process_plane(), lo que podría resultar en una corrupción de memoria o incluso una ejecución remota de código. Multiple vulnerabilities have been discovered in rdesktop, the worst o... • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00040.html • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2018-8798 – Debian Security Advisory 4394-1
https://notcve.org/view.php?id=CVE-2018-8798
05 Feb 2019 — rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function rdpsnd_process_ping() that results in an information leak. Las versiones de rdesktop, hasta la v1.8.3 (inclusivas), contienen una lectura fuera de límites en la función rdpsnd_process_ping(), lo que resulta en una fuga de información. Multiple vulnerabilities have been discovered in rdesktop, the worst of which could result in the remote execution of arbitrary code. Versions less than 1.8.4 are affected. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00040.html • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2018-8799 – Debian Security Advisory 4394-1
https://notcve.org/view.php?id=CVE-2018-8799
05 Feb 2019 — rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function process_secondary_order() that results in a Denial of Service (segfault). Las versiones de rdesktop, hasta la v1.8.3 (inclusivas), contienen una lectura fuera de límites en la función process_secondary_order(), lo que resulta en una denegación de servicio (segfault). Multiple vulnerabilities have been discovered in rdesktop, the worst of which could result in the remote execution of arbitrary code. Versions less than 1.8.... • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00040.html • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 9.8EPSS: 6%CPEs: 4EXPL: 0CVE-2018-8800 – Debian Security Advisory 4394-1
https://notcve.org/view.php?id=CVE-2018-8800
05 Feb 2019 — rdesktop versions up to and including v1.8.3 contain a Heap-Based Buffer Overflow in function ui_clip_handle_data() that results in a memory corruption and probably even a remote code execution. Las versiones de rdesktop, hasta la v1.8.3 (inclusivas), contienen un desbordamiento de búfer basado en memoria dinámica (heap) en la función ui_clip_handle_data(), lo que podría resultar en una corrupción de memoria o incluso una ejecución remota de código. Multiple vulnerabilities have been discovered in rdesktop,... • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00040.html • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2018-8791 – Debian Security Advisory 4394-1
https://notcve.org/view.php?id=CVE-2018-8791
05 Feb 2019 — rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function rdpdr_process() that results in an information leak. Las versiones de rdesktop, hasta la v1.8.3 (inclusivas), contienen una lectura fuera de límites en la función rdpdr_process(), lo que resulta en una fuga de información. Multiple vulnerabilities have been discovered in rdesktop, the worst of which could result in the remote execution of arbitrary code. Versions less than 1.8.4 are affected. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00040.html • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2018-8792 – Debian Security Advisory 4394-1
https://notcve.org/view.php?id=CVE-2018-8792
05 Feb 2019 — rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function cssp_read_tsrequest() that results in a Denial of Service (segfault). Las versiones de rdesktop, hasta la v1.8.3 (inclusivas), contienen una lectura fuera de límites en la función cssp_read_tsrequest(), lo que resulta en una denegación de servicio (segfault). Multiple vulnerabilities have been discovered in rdesktop, the worst of which could result in the remote execution of arbitrary code. Versions less than 1.8.4 are af... • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00040.html • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 9.8EPSS: 8%CPEs: 4EXPL: 0CVE-2018-8793 – Debian Security Advisory 4394-1
https://notcve.org/view.php?id=CVE-2018-8793
05 Feb 2019 — rdesktop versions up to and including v1.8.3 contain a Heap-Based Buffer Overflow in function cssp_read_tsrequest() that results in a memory corruption and probably even a remote code execution. Las versiones de rdesktop, hasta la v1.8.3 (inclusivas), contienen un desbordamiento de búfer basado en memoria dinámica (heap) en la función cssp_read_tsrequest(), lo que podría resultar en una corrupción de memoria o incluso una ejecución remota de código. Multiple vulnerabilities have been discovered in rdesktop,... • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00040.html • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 12EXPL: 1CVE-2019-1000019 – libarchive: Out of bounds read in archive_read_support_format_7zip.c resulting in a denial of service
https://notcve.org/view.php?id=CVE-2019-1000019
04 Feb 2019 — libarchive version commit bf9aec176c6748f0ee7a678c5f9f9555b9a757c1 onwards (release v3.0.2 onwards) contains a CWE-125: Out-of-bounds Read vulnerability in 7zip decompression, archive_read_support_format_7zip.c, header_bytes() that can result in a crash (denial of service). This attack appears to be exploitable via the victim opening a specially crafted 7zip file. libarchive en versiones desde el commit con ID bf9aec176c6748f0ee7a678c5f9f9555b9a757c1 y siguientes (desde la versión v3.0.2) contiene una vulne... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00055.html • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 1%CPEs: 11EXPL: 0CVE-2019-1000020 – libarchive: Infinite recursion in archive_read_support_format_iso9660.c resulting in denial of service
https://notcve.org/view.php?id=CVE-2019-1000020
04 Feb 2019 — libarchive version commit 5a98dcf8a86364b3c2c469c85b93647dfb139961 onwards (version v2.8.0 onwards) contains a CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in ISO9660 parser, archive_read_support_format_iso9660.c, read_CE()/parse_rockridge() that can result in DoS by infinite loop. This attack appears to be exploitable via the victim opening a specially crafted ISO9660 file. libarchive, en versiones desde el commit con ID 5a98dcf8a86364b3c2c469c85b93647dfb139961 (desde la ve... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00055.html • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •