CVE-2018-8785

FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress() that results in a memory corruption and probably even a remote code execution.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:freerdp:freerdp:*:*:*:*:*:*:*:*
cpe:2.3:a:freerdp:freerdp:2.0.0:rc1:*:*:*:*:*:*
cpe:2.3:a:freerdp:freerdp:2.0.0:rc2:*:*:*:*:*:*
cpe:2.3:a:freerdp:freerdp:2.0.0:rc3:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*

History

21 Nov 2024, 04:14

Type Values Removed Values Added
References () http://www.securityfocus.com/bid/106938 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/106938 - Third Party Advisory, VDB Entry
References () https://github.com/FreeRDP/FreeRDP/commit/602f4a2e14b41703b5f431de3154cd46a5750a2d - Patch, Vendor Advisory () https://github.com/FreeRDP/FreeRDP/commit/602f4a2e14b41703b5f431de3154cd46a5750a2d - Patch, Vendor Advisory
References () https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/ - Exploit, Third Party Advisory () https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/ - Exploit, Third Party Advisory
References () https://usn.ubuntu.com/3845-1/ - Third Party Advisory () https://usn.ubuntu.com/3845-1/ - Third Party Advisory

Information

Published : 2018-11-29 18:29

Updated : 2024-11-21 04:14


NVD link : CVE-2018-8785

Mitre link : CVE-2018-8785

CVE.ORG link : CVE-2018-8785


JSON object : View

Products Affected

freerdp

  • freerdp

canonical

  • ubuntu_linux
CWE
CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CWE-787

Out-of-bounds Write