Описание
rdesktop versions up to and including v1.8.3 contain an Integer Underflow that leads to a Heap-Based Buffer Overflow in the function lspci_process() and results in memory corruption and probably even a remote code execution.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needed |
| cosmic | ignored | end of life |
| devel | not-affected | 1.8.4-1 |
| disco | not-affected | 1.8.4-1 |
| eoan | not-affected | 1.8.4-1 |
| esm-apps/bionic | needed | |
| esm-apps/focal | not-affected | 1.8.4-1 |
| esm-apps/jammy | not-affected | 1.8.4-1 |
| esm-apps/noble | not-affected | 1.8.4-1 |
| esm-apps/xenial | needed |
Показывать по
EPSS
7.5 High
CVSS2
9.8 Critical
CVSS3
Связанные уязвимости
rdesktop versions up to and including v1.8.3 contain an Integer Underflow that leads to a Heap-Based Buffer Overflow in the function lspci_process() and results in memory corruption and probably even a remote code execution.
rdesktop versions up to and including v1.8.3 contain an Integer Underflow that leads to a Heap-Based Buffer Overflow in the function lspci_process() and results in memory corruption and probably even a remote code execution.
rdesktop versions up to and including v1.8.3 contain an Integer Underf ...
rdesktop versions up to and including v1.8.3 contain an Integer Underflow that leads to a Heap-Based Buffer Overflow in the function lspci_process() and results in memory corruption and probably even a remote code execution.
Уязвимость функции lspci_process RDP-клиента rdesktop, связанная с целочисленным переполнением, приводящим к переполнению буфера на основе кучи, позволяющая нарушителю выполнить произвольный код
EPSS
7.5 High
CVSS2
9.8 Critical
CVSS3