CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-15682
https://notcve.org/view.php?id=CVE-2019-15682
30 Oct 2019 — RDesktop version 1.8.4 contains multiple out-of-bound access read vulnerabilities in its code, which results in a denial of service (DoS) condition. This attack appear to be exploitable via network connectivity. These issues have been fixed in version 1.8.5 RDesktop versión 1.8.4, contiene múltiples vulnerabilidades de lectura de acceso fuera de límite en su código, lo que resulta en una condición de denegación de servicio (DoS). Este ataque parece ser explotable mediante la conectividad de red. Estos probl... • https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/10/30/klcert-19-032-denial-of-service-in-rdesktop-before-1-8-4 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-20174 – Debian Security Advisory 4394-1
https://notcve.org/view.php?id=CVE-2018-20174
19 Feb 2019 — rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in the function ui_clip_handle_data() that results in an information leak. rdesktop, en versiones hasta e incluyendo la v1.8.3, contiene una lectura fuera de límites en la función ui_clip_handle_data(), que resulta en una fuga de información. Multiple vulnerabilities have been discovered in rdesktop, the worst of which could result in the remote execution of arbitrary code. Versions less than 1.8.4 are affected. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00040.html • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 1CVE-2018-20175 – Debian Security Advisory 4394-1
https://notcve.org/view.php?id=CVE-2018-20175
19 Feb 2019 — rdesktop versions up to and including v1.8.3 contains several Integer Signedness errors that lead to Out-Of-Bounds Reads in the file mcs.c and result in a Denial of Service (segfault). rdesktop, en versiones hasta e incluyendo la v1.8.3, contiene varios errores en la propiedad signedness de un número entero que conducen a lecturas fuera de límites en el archivo mcs.c y resultan en una denegación de servicio (segfault). Multiple vulnerabilities have been discovered in rdesktop, the worst of which could resul... • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00040.html • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-20176 – Debian Security Advisory 4394-1
https://notcve.org/view.php?id=CVE-2018-20176
19 Feb 2019 — rdesktop versions up to and including v1.8.3 contain several Out-Of- Bounds Reads in the file secure.c that result in a Denial of Service (segfault). rdesktop, en versiones hasta e incluyendo la v1.8.3, contiene varias lecturas fuera de límites en el archivo secure.c que resultan en una denegación de servicio (segfault). Multiple vulnerabilities have been discovered in rdesktop, the worst of which could result in the remote execution of arbitrary code. Versions less than 1.8.4 are affected. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00040.html • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 5%CPEs: 5EXPL: 1CVE-2018-20177 – Debian Security Advisory 4394-1
https://notcve.org/view.php?id=CVE-2018-20177
19 Feb 2019 — rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to a Heap-Based Buffer Overflow in the function rdp_in_unistr() and results in memory corruption and possibly even a remote code execution. rdesktop, en versiones hasta e incluyendo la v1.8.3, contiene un desbordamiento de enteros que conduce a un desbordamiento de búfer basado en memoria dinámica (heap) en la función rdp_in_unistr() y resulta en la corrupción de memoria y, posiblemente, incluso la ejecución remota de código... • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00040.html • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 1CVE-2018-20178 – Debian Security Advisory 4394-1
https://notcve.org/view.php?id=CVE-2018-20178
19 Feb 2019 — rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in the function process_demand_active() that results in a Denial of Service (segfault). rdesktop, en versiones hasta e incluyendo la v1.8.3, contiene una lectura fuera de límites en la función process_demand_active(), que resulta en una denegación de servicio (segfault). Multiple vulnerabilities have been discovered in rdesktop, the worst of which could result in the remote execution of arbitrary code. Versions less than 1.8.4 are af... • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00040.html • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 7%CPEs: 1EXPL: 1CVE-2018-20179 – Debian Security Advisory 4394-1
https://notcve.org/view.php?id=CVE-2018-20179
19 Feb 2019 — rdesktop versions up to and including v1.8.3 contain an Integer Underflow that leads to a Heap-Based Buffer Overflow in the function lspci_process() and results in memory corruption and probably even a remote code execution. rdesktop, en versiones hasta e incluyendo la v1.8.3, contiene un subdesbordamiento de enteros que conduce a un desbordamiento de búfer basado en memoria dinámica (heap) en la función lspci_process() y resulta en la corrupción de memoria y, posiblemente, incluso la ejecución remota de có... • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00040.html • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 9.8EPSS: 10%CPEs: 3EXPL: 1CVE-2018-20180 – Debian Security Advisory 4394-1
https://notcve.org/view.php?id=CVE-2018-20180
19 Feb 2019 — rdesktop versions up to and including v1.8.3 contain an Integer Underflow that leads to a Heap-Based Buffer Overflow in the function rdpsnddbg_process() and results in memory corruption and probably even a remote code execution. rdesktop, en versiones hasta e incluyendo la v1.8.3, contiene un subdesbordamiento de enteros que conduce a un desbordamiento de búfer basado en memoria dinámica (heap) en la función rdpsnddbg_process() y resulta en la corrupción de memoria y, posiblemente, incluso la ejecución remo... • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00040.html • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 9.8EPSS: 10%CPEs: 3EXPL: 1CVE-2018-20181 – Debian Security Advisory 4394-1
https://notcve.org/view.php?id=CVE-2018-20181
19 Feb 2019 — rdesktop versions up to and including v1.8.3 contain an Integer Underflow that leads to a Heap-Based Buffer Overflow in the function seamless_process() and results in memory corruption and probably even a remote code execution. rdesktop, en versiones hasta e incluyendo la v1.8.3, contiene un subdesbordamiento de enteros que conduce a un desbordamiento de búfer basado en memoria dinámica (heap) en la función seamless_process() y resulta en la corrupción de memoria y, posiblemente, incluso la ejecución remota... • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00040.html • CWE-191: Integer Underflow (Wrap or Wraparound) CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 10%CPEs: 3EXPL: 1CVE-2018-20182 – Debian Security Advisory 4394-1
https://notcve.org/view.php?id=CVE-2018-20182
19 Feb 2019 — rdesktop versions up to and including v1.8.3 contain a Buffer Overflow over the global variables in the function seamless_process_line() that results in memory corruption and probably even a remote code execution. rdesktop, en versiones hasta e incluyendo la v1.8.3, contiene un desbordamiento de búfer en las variables globales en la función seamless_process_line() y resulta en la corrupción de memoria y, posiblemente, incluso la ejecución remota de código. Multiple vulnerabilities have been discovered in rd... • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00040.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •