CVE-2018-8789

Опубликовано: 22 окт. 2018

Источник: redhat

CVSS3: 6.5

EPSS Низкий

Описание

FreeRDP prior to version 2.0.0-rc4 contains several Out-Of-Bounds Reads in the NTLM Authentication module that results in a Denial of Service (segfault).

Отчет

This issue did not affect the versions of freerdp as shipped with Red Hat Enterprise Linux 6 and 7 as they did not include the vulnerable code.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 6	freerdp	Not affected
Red Hat Enterprise Linux 7	freerdp	Not affected
Red Hat Enterprise Linux 8	freerdp	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-125

https://bugzilla.redhat.com/show_bug.cgi?id=1671367freerdp: Several out-of-bounds reads in NTLM authentication module resulting in a denial of service

EPSS

Процентиль: 82%

0.01654

Низкий

6.5 Medium

CVSS3

Связанные уязвимости

CVE-2018-8789

CVSS3: 7.5

ubuntu

около 7 лет назад

FreeRDP prior to version 2.0.0-rc4 contains several Out-Of-Bounds Reads in the NTLM Authentication module that results in a Denial of Service (segfault).

CVE-2018-8789

CVSS3: 7.5

nvd

около 7 лет назад

FreeRDP prior to version 2.0.0-rc4 contains several Out-Of-Bounds Reads in the NTLM Authentication module that results in a Denial of Service (segfault).

CVE-2018-8789

CVSS3: 7.5

debian

около 7 лет назад

FreeRDP prior to version 2.0.0-rc4 contains several Out-Of-Bounds Read ...

GHSA-4cwq-wchg-fr2c

CVSS3: 7.5

github

больше 3 лет назад

FreeRDP prior to version 2.0.0-rc4 contains several Out-Of-Bounds Reads in the NTLM Authentication module that results in a Denial of Service (segfault).

BDU:2020-00623

CVSS3: 7.5

fstec

около 7 лет назад

Уязвимость модуля аутентификации NTLM RDP-клиента FreeRDP, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 82%

0.01654

Низкий

6.5 Medium

CVSS3