CVE-2018-8784

Опубликовано: 29 нояб. 2018

Источник: debian

Описание

FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress_segment() that results in a memory corruption and probably even a remote code execution.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
freerdp2	fixed	2.0.0~git20181120.1.e21b72c95+dfsg1-1		package
freerdp	removed			package
freerdp	not-affected		stretch	package
freerdp	not-affected		jessie	package

Примечания

https://github.com/FreeRDP/FreeRDP/commit/17c363a5162fd4dc77b1df54e48d7bd9bf6b3be7

Связанные уязвимости

CVE-2018-8784

CVSS3: 9.8

ubuntu

около 7 лет назад

FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress_segment() that results in a memory corruption and probably even a remote code execution.

CVE-2018-8784

CVSS3: 6.5

redhat

больше 7 лет назад

FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress_segment() that results in a memory corruption and probably even a remote code execution.

CVE-2018-8784

CVSS3: 9.8

nvd

около 7 лет назад

FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress_segment() that results in a memory corruption and probably even a remote code execution.

GHSA-9392-mf3x-x7wh

CVSS3: 9.8

github

больше 3 лет назад

FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress_segment() that results in a memory corruption and probably even a remote code execution.

BDU:2020-00625

CVSS3: 9.8

fstec

около 7 лет назад

Уязвимость функции zgfx_decompress_segment() RDP-клиента FreeRDP, позволяющая нарушителю выполнить произвольный код