Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2018-1000852

Опубликовано: 19 сент. 2018
Источник: redhat
CVSS3: 4.3

Описание

FreeRDP FreeRDP 2.0.0-rc3 released version before commit 205c612820dac644d665b5bb1cdf437dc5ca01e3 contains a Other/Unknown vulnerability in channels/drdynvc/client/drdynvc_main.c, drdynvc_process_capability_request that can result in The RDP server can read the client's memory.. This attack appear to be exploitable via RDPClient must connect the rdp server with echo option. This vulnerability appears to have been fixed in after commit 205c612820dac644d665b5bb1cdf437dc5ca01e3.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6freerdpWill not fix
Red Hat Enterprise Linux 8freerdpNot affected
Red Hat Enterprise Linux 7freerdpFixedRHSA-2019:215706.08.2019
Red Hat Enterprise Linux 7vinagreFixedRHSA-2019:215706.08.2019

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-125
https://bugzilla.redhat.com/show_bug.cgi?id=1661640freerdp: out of bounds read in drdynvc_process_capability_request

4.3 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2018-1000852

CVSS3: 6.5
ubuntu
около 7 лет назад

FreeRDP FreeRDP 2.0.0-rc3 released version before commit 205c612820dac644d665b5bb1cdf437dc5ca01e3 contains a Other/Unknown vulnerability in channels/drdynvc/client/drdynvc_main.c, drdynvc_process_capability_request that can result in The RDP server can read the client's memory.. This attack appear to be exploitable via RDPClient must connect the rdp server with echo option. This vulnerability appears to have been fixed in after commit 205c612820dac644d665b5bb1cdf437dc5ca01e3.

nvd логотип

CVE-2018-1000852

CVSS3: 6.5
nvd
около 7 лет назад

FreeRDP FreeRDP 2.0.0-rc3 released version before commit 205c612820dac644d665b5bb1cdf437dc5ca01e3 contains a Other/Unknown vulnerability in channels/drdynvc/client/drdynvc_main.c, drdynvc_process_capability_request that can result in The RDP server can read the client's memory.. This attack appear to be exploitable via RDPClient must connect the rdp server with echo option. This vulnerability appears to have been fixed in after commit 205c612820dac644d665b5bb1cdf437dc5ca01e3.

debian логотип

CVE-2018-1000852

CVSS3: 6.5
debian
около 7 лет назад

FreeRDP FreeRDP 2.0.0-rc3 released version before commit 205c612820dac ...

github логотип

GHSA-vr2x-32cg-pm8g

CVSS3: 6.5
github
больше 3 лет назад

FreeRDP FreeRDP 2.0.0-rc3 released version before commit 205c612820dac644d665b5bb1cdf437dc5ca01e3 contains a Other/Unknown vulnerability in channels/drdynvc/client/drdynvc_main.c, drdynvc_process_capability_request that can result in The RDP server can read the client's memory.. This attack appear to be exploitable via RDPClient must connect the rdp server with echo option. This vulnerability appears to have been fixed in after commit 205c612820dac644d665b5bb1cdf437dc5ca01e3.

oracle-oval логотип

ELSA-2019-2157

oracle-oval
больше 6 лет назад

ELSA-2019-2157: freerdp and vinagre security, bug fix, and enhancement update (LOW)

4.3 Medium

CVSS3