Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

openSUSE-SU-2016:2402-1

Опубликовано: 27 сент. 2016
Источник: suse-cvrf

Описание

Security update for freerdp

This update for freerdp fixes the following issues:

Security issues fixed:

  • CVE-2013-4118: Add a NULL pointer check to fix a server crash (boo#829013).

  • CVE-2014-0791: The remaining length in the stream is checked before doing some malloc(), which could have lead to crashes. (boo#857491).

Список пакетов

openSUSE Leap 42.1
freerdp-1.0.2-11.1
freerdp-devel-1.0.2-11.1
libfreerdp-1_0-1.0.2-11.1
libfreerdp-1_0-plugins-1.0.2-11.1

Ссылки

Описание

FreeRDP before 1.1.0-beta1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified vectors.

Затронутые продукты
openSUSE Leap 42.1:freerdp-1.0.2-11.1
openSUSE Leap 42.1:freerdp-devel-1.0.2-11.1
openSUSE Leap 42.1:libfreerdp-1_0-1.0.2-11.1
openSUSE Leap 42.1:libfreerdp-1_0-plugins-1.0.2-11.1
Ссылки

Описание

Integer overflow in the license_read_scope_list function in libfreerdp/core/license.c in FreeRDP through 1.0.2 allows remote RDP servers to cause a denial of service (application crash) or possibly have unspecified other impact via a large ScopeCount value in a Scope List in a Server License Request packet.

Затронутые продукты
openSUSE Leap 42.1:freerdp-1.0.2-11.1
openSUSE Leap 42.1:freerdp-devel-1.0.2-11.1
openSUSE Leap 42.1:libfreerdp-1_0-1.0.2-11.1
openSUSE Leap 42.1:libfreerdp-1_0-plugins-1.0.2-11.1
Ссылки
Уязвимость openSUSE-SU-2016:2402-1