CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 1CVE-2018-8789
https://notcve.org/view.php?id=CVE-2018-8789
FreeRDP prior to version 2.0.0-rc4 contains several Out-Of-Bounds Reads in the NTLM Authentication module that results in a Denial of Service (segfault). FreeRDP en versiones anteriores a la 2.0.0-rc4 contiene varias lecturas fuera de límites en el módulgo NTLM Authentication que resulta en una denegación de servicio (fallo de segmentación). • http://www.securityfocus.com/bid/106938 https://github.com/FreeRDP/FreeRDP/commit/2ee663f39dc8dac3d9988e847db19b2d7e3ac8c6 https://lists.debian.org/debian-lts-announce/2019/02/msg00015.html https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients https://usn.ubuntu.com/3845-1 https://usn.ubuntu.com/3845-2 • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 9.8EPSS: 14%CPEs: 6EXPL: 1CVE-2018-8784
https://notcve.org/view.php?id=CVE-2018-8784
FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress_segment() that results in a memory corruption and probably even a remote code execution. FreeRDP en versiones anteriores a la 2.0.0-rc4 contiene un desbordamiento de búfer basado en memoria dinámica (heap) en la función zgfx_decompress_segment() que resulta en una corrupción de memoria y, probablemente, incluso en la ejecución remota de código. • http://www.securityfocus.com/bid/106938 https://github.com/FreeRDP/FreeRDP/commit/17c363a5162fd4dc77b1df54e48d7bd9bf6b3be7 https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients https://usn.ubuntu.com/3845-1 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 14%CPEs: 6EXPL: 1CVE-2018-8785
https://notcve.org/view.php?id=CVE-2018-8785
FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress() that results in a memory corruption and probably even a remote code execution. FreeRDP en versiones anteriores a la 2.0.0-rc4 contiene un desbordamiento de búfer basado en memoria dinámica (heap) en la función zgfx_decompress() que resulta en una corrupción de memoria y, probablemente, incluso en la ejecución remota de código. • http://www.securityfocus.com/bid/106938 https://github.com/FreeRDP/FreeRDP/commit/602f4a2e14b41703b5f431de3154cd46a5750a2d https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients https://usn.ubuntu.com/3845-1 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 3%CPEs: 16EXPL: 1CVE-2018-8786 – freerdp: Integer truncation leading to heap-based buffer overflow in update_read_bitmap_update() function
https://notcve.org/view.php?id=CVE-2018-8786
FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer Overflow in function update_read_bitmap_update() and results in a memory corruption and probably even a remote code execution. FreeRDP en versiones anteriores a la 2.0.0-rc4 contiene un truncamiento de enteros que conduce a un desbordamiento de búfer basado en memoria dinámica (heap) en la función zgfx_decompress() y que resulta en una corrupción de memoria y, probablemente, incluso en la ejecución remota de código. A flaw was found in freerdp in versions prior to version 2.0.0-rc4. An integer truncation that leads to a heap-based buffer overflow in the update_read_bitmap_update() function results in a memory corruption. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. • http://www.securityfocus.com/bid/106938 https://access.redhat.com/errata/RHSA-2019:0697 https://github.com/FreeRDP/FreeRDP/commit/445a5a42c500ceb80f8fa7f2c11f3682538033f3 https://lists.debian.org/debian-lts-announce/2019/02/msg00015.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YVJKO2DR5EY4C4QZOP7SNNBEW2JW6FHX https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients https://usn.ubuntu.com/3845-1 https://usn.ubuntu.com/3845-2 https:/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-680: Integer Overflow to Buffer Overflow CWE-681: Incorrect Conversion between Numeric Types CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 7%CPEs: 15EXPL: 1CVE-2018-8787 – freerdp: Integer overflow leading to heap-based buffer overflow in gdi_Bitmap_Decompress() function
https://notcve.org/view.php?id=CVE-2018-8787
FreeRDP prior to version 2.0.0-rc4 contains an Integer Overflow that leads to a Heap-Based Buffer Overflow in function gdi_Bitmap_Decompress() and results in a memory corruption and probably even a remote code execution. FreeRDP en versiones anteriores a la 2.0.0-rc4 contiene un desbordamiento de enteros que conduce a un desbordamiento de búfer basado en memoria dinámica (heap) en la función gdi_Bitmap_Decompress() y que resulta en una corrupción de memoria y, probablemente, incluso en la ejecución remota de código. A flaw was found in freerdp in versions before versions 2.0.0-rc4. An integer overflow that leads to a heap-based buffer overflow in the gdi_Bitmap_Decompress() function leads to memory corruption. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. • http://www.securityfocus.com/bid/106938 https://access.redhat.com/errata/RHSA-2019:0697 https://github.com/FreeRDP/FreeRDP/commit/09b9d4f1994a674c4ec85b4947aa656eda1aed8a https://lists.debian.org/debian-lts-announce/2019/02/msg00015.html https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients https://usn.ubuntu.com/3845-1 https://usn.ubuntu.com/3845-2 https://access.redhat.com/security/cve/CVE-2018-8787 https://bugzilla.redhat.com/show_bug.cgi?id=1671361 • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound CWE-680: Integer Overflow to Buffer Overflow CWE-787: Out-of-bounds Write •