Page 2 of 20 results (0.010 seconds)

CVSS: 9.8EPSS: 16%CPEs: 3EXPL: 1

rdesktop versions up to and including v1.8.3 contain an Integer Underflow that leads to a Heap-Based Buffer Overflow in the function rdpsnddbg_process() and results in memory corruption and probably even a remote code execution. rdesktop, en versiones hasta e incluyendo la v1.8.3, contiene un subdesbordamiento de enteros que conduce a un desbordamiento de búfer basado en memoria dinámica (heap) en la función rdpsnddbg_process() y resulta en la corrupción de memoria y, posiblemente, incluso la ejecución remota de código. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00040.html http://www.securityfocus.com/bid/106938 https://github.com/rdesktop/rdesktop/commit/4dca546d04321a610c1835010b5dad85163b65e1 https://lists.debian.org/debian-lts-announce/2019/02/msg00030.html https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients https://security.gentoo.org/glsa/201903-06 https://www.debian.org/security/2019/dsa-4394 • CWE-191: Integer Underflow (Wrap or Wraparound) •

CVSS: 9.8EPSS: 2%CPEs: 5EXPL: 1

rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to a Heap-Based Buffer Overflow in the function rdp_in_unistr() and results in memory corruption and possibly even a remote code execution. rdesktop, en versiones hasta e incluyendo la v1.8.3, contiene un desbordamiento de enteros que conduce a un desbordamiento de búfer basado en memoria dinámica (heap) en la función rdp_in_unistr() y resulta en la corrupción de memoria y, posiblemente, incluso la ejecución remota de código. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00040.html http://www.securityfocus.com/bid/106938 https://github.com/rdesktop/rdesktop/commit/4dca546d04321a610c1835010b5dad85163b65e1 https://lists.debian.org/debian-lts-announce/2019/02/msg00030.html https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients https://security.gentoo.org/glsa/201903-06 https://www.debian.org/security/2019/dsa-4394 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in the function ui_clip_handle_data() that results in an information leak. rdesktop, en versiones hasta e incluyendo la v1.8.3, contiene una lectura fuera de límites en la función ui_clip_handle_data(), que resulta en una fuga de información. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00040.html http://www.securityfocus.com/bid/106938 https://github.com/rdesktop/rdesktop/commit/4dca546d04321a610c1835010b5dad85163b65e1 https://lists.debian.org/debian-lts-announce/2019/02/msg00030.html https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients https://security.gentoo.org/glsa/201903-06 https://www.debian.org/security/2019/dsa-4394 • CWE-125: Out-of-bounds Read •

CVSS: 9.8EPSS: 5%CPEs: 3EXPL: 1

rdesktop versions up to and including v1.8.3 contain an Integer Underflow that leads to a Heap-Based Buffer Overflow in the function seamless_process() and results in memory corruption and probably even a remote code execution. rdesktop, en versiones hasta e incluyendo la v1.8.3, contiene un subdesbordamiento de enteros que conduce a un desbordamiento de búfer basado en memoria dinámica (heap) en la función seamless_process() y resulta en la corrupción de memoria y, posiblemente, incluso la ejecución remota de código. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00040.html http://www.securityfocus.com/bid/106938 https://github.com/rdesktop/rdesktop/commit/4dca546d04321a610c1835010b5dad85163b65e1 https://lists.debian.org/debian-lts-announce/2019/02/msg00030.html https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients https://security.gentoo.org/glsa/201903-06 https://www.debian.org/security/2019/dsa-4394 • CWE-191: Integer Underflow (Wrap or Wraparound) CWE-787: Out-of-bounds Write •

CVSS: 9.8EPSS: 4%CPEs: 4EXPL: 0

rdesktop versions up to and including v1.8.3 contain a Heap-Based Buffer Overflow in function cssp_read_tsrequest() that results in a memory corruption and probably even a remote code execution. Las versiones de rdesktop, hasta la v1.8.3 (inclusivas), contienen un desbordamiento de búfer basado en memoria dinámica (heap) en la función cssp_read_tsrequest(), lo que podría resultar en una corrupción de memoria o incluso una ejecución remota de código. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00040.html http://www.securityfocus.com/bid/106938 https://github.com/rdesktop/rdesktop/commit/4dca546d04321a610c1835010b5dad85163b65e1 https://lists.debian.org/debian-lts-announce/2019/02/msg00030.html https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients https://security.gentoo.org/glsa/201903-06 https://www.debian.org/security/2019/dsa-4394 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •