Описание
Integer signedness error in the xrealloc function (rdesktop.c) in RDesktop 1.5.0 allows remote attackers to execute arbitrary code via unknown parameters that trigger a heap-based overflow. NOTE: the role of the channel_process function was not specified by the original researcher.
Integer signedness error in the xrealloc function (rdesktop.c) in RDesktop 1.5.0 allows remote attackers to execute arbitrary code via unknown parameters that trigger a heap-based overflow. NOTE: the role of the channel_process function was not specified by the original researcher.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2008-1803
- https://exchange.xforce.ibmcloud.com/vulnerabilities/42277
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9800
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=698
- http://rdesktop.cvs.sourceforge.net/rdesktop/rdesktop/rdesktop.c?r1=1.161&r2=1.162&pathrev=HEAD
- http://secunia.com/advisories/30118
- http://secunia.com/advisories/30248
- http://secunia.com/advisories/30713
- http://secunia.com/advisories/31224
- http://secunia.com/advisories/31928
- http://security.gentoo.org/glsa/glsa-200806-04.xml
- http://sourceforge.net/mailarchive/message.php?msg_name=20080511065217.GA24455%40cse.unsw.EDU.AU
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-240708-1
- http://support.avaya.com/elmodocs2/security/ASA-2008-360.htm
- http://www.debian.org/security/2008/dsa-1573
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:101
- http://www.redhat.com/archives/fedora-package-announce/2008-May/msg00244.html
- http://www.redhat.com/archives/fedora-package-announce/2008-May/msg00270.html
- http://www.redhat.com/archives/fedora-package-announce/2008-May/msg00296.html
- http://www.redhat.com/support/errata/RHSA-2008-0575.html
- http://www.securityfocus.com/bid/29097
- http://www.securitytracker.com/id?1019992
- http://www.ubuntu.com/usn/usn-646-1
- http://www.vupen.com/english/advisories/2008/1467/references
- http://www.vupen.com/english/advisories/2008/2403
EPSS
CVE ID
Связанные уязвимости
Integer signedness error in the xrealloc function (rdesktop.c) in RDesktop 1.5.0 allows remote attackers to execute arbitrary code via unknown parameters that trigger a heap-based overflow. NOTE: the role of the channel_process function was not specified by the original researcher.
Integer signedness error in the xrealloc function (rdesktop.c) in RDesktop 1.5.0 allows remote attackers to execute arbitrary code via unknown parameters that trigger a heap-based overflow. NOTE: the role of the channel_process function was not specified by the original researcher.
Integer signedness error in the xrealloc function (rdesktop.c) in RDesktop 1.5.0 allows remote attackers to execute arbitrary code via unknown parameters that trigger a heap-based overflow. NOTE: the role of the channel_process function was not specified by the original researcher.
Integer signedness error in the xrealloc function (rdesktop.c) in RDes ...
EPSS