Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2018-1000852

Опубликовано: 20 дек. 2018
Источник: nvd
CVSS3: 6.5
CVSS2: 6.4
EPSS Низкий

Описание

FreeRDP FreeRDP 2.0.0-rc3 released version before commit 205c612820dac644d665b5bb1cdf437dc5ca01e3 contains a Other/Unknown vulnerability in channels/drdynvc/client/drdynvc_main.c, drdynvc_process_capability_request that can result in The RDP server can read the client's memory.. This attack appear to be exploitable via RDPClient must connect the rdp server with echo option. This vulnerability appears to have been fixed in after commit 205c612820dac644d665b5bb1cdf437dc5ca01e3.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:freerdp:freerdp:*:*:*:*:*:*:*:*
Версия до 2.0.0 (исключая)
cpe:2.3:a:freerdp:freerdp:2.0.0:-:*:*:*:*:*:*
cpe:2.3:a:freerdp:freerdp:2.0.0:rc0:*:*:*:*:*:*
cpe:2.3:a:freerdp:freerdp:2.0.0:rc1:*:*:*:*:*:*
cpe:2.3:a:freerdp:freerdp:2.0.0:rc2:*:*:*:*:*:*
Конфигурация 2

Одно из

cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*

EPSS

Процентиль: 74%
0.00833
Низкий

6.5 Medium

CVSS3

6.4 Medium

CVSS2

Дефекты

CWE-125

Связанные уязвимости

ubuntu логотип

CVE-2018-1000852

CVSS3: 6.5
ubuntu
около 7 лет назад

FreeRDP FreeRDP 2.0.0-rc3 released version before commit 205c612820dac644d665b5bb1cdf437dc5ca01e3 contains a Other/Unknown vulnerability in channels/drdynvc/client/drdynvc_main.c, drdynvc_process_capability_request that can result in The RDP server can read the client's memory.. This attack appear to be exploitable via RDPClient must connect the rdp server with echo option. This vulnerability appears to have been fixed in after commit 205c612820dac644d665b5bb1cdf437dc5ca01e3.

redhat логотип

CVE-2018-1000852

CVSS3: 4.3
redhat
больше 7 лет назад

FreeRDP FreeRDP 2.0.0-rc3 released version before commit 205c612820dac644d665b5bb1cdf437dc5ca01e3 contains a Other/Unknown vulnerability in channels/drdynvc/client/drdynvc_main.c, drdynvc_process_capability_request that can result in The RDP server can read the client's memory.. This attack appear to be exploitable via RDPClient must connect the rdp server with echo option. This vulnerability appears to have been fixed in after commit 205c612820dac644d665b5bb1cdf437dc5ca01e3.

debian логотип

CVE-2018-1000852

CVSS3: 6.5
debian
около 7 лет назад

FreeRDP FreeRDP 2.0.0-rc3 released version before commit 205c612820dac ...

github логотип

GHSA-vr2x-32cg-pm8g

CVSS3: 6.5
github
больше 3 лет назад

FreeRDP FreeRDP 2.0.0-rc3 released version before commit 205c612820dac644d665b5bb1cdf437dc5ca01e3 contains a Other/Unknown vulnerability in channels/drdynvc/client/drdynvc_main.c, drdynvc_process_capability_request that can result in The RDP server can read the client's memory.. This attack appear to be exploitable via RDPClient must connect the rdp server with echo option. This vulnerability appears to have been fixed in after commit 205c612820dac644d665b5bb1cdf437dc5ca01e3.

oracle-oval логотип

ELSA-2019-2157

oracle-oval
больше 6 лет назад

ELSA-2019-2157: freerdp and vinagre security, bug fix, and enhancement update (LOW)

EPSS

Процентиль: 74%
0.00833
Низкий

6.5 Medium

CVSS3

6.4 Medium

CVSS2

Дефекты

CWE-125