CVE-2018-8786

FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer Overflow in function update_read_bitmap_update() and results in a memory corruption and probably even a remote code execution.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:freerdp:freerdp:*:*:*:*:*:*:*:*
cpe:2.3:a:freerdp:freerdp:2.0.0:rc1:*:*:*:*:*:*
cpe:2.3:a:freerdp:freerdp:2.0.0:rc2:*:*:*:*:*:*
cpe:2.3:a:freerdp:freerdp:2.0.0:rc3:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Configuration 4 (hide)

cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*

Configuration 5 (hide)

OR cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

History

21 Nov 2024, 04:14

Type Values Removed Values Added
References () http://www.securityfocus.com/bid/106938 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/106938 - Third Party Advisory, VDB Entry
References () https://access.redhat.com/errata/RHSA-2019:0697 - Third Party Advisory () https://access.redhat.com/errata/RHSA-2019:0697 - Third Party Advisory
References () https://github.com/FreeRDP/FreeRDP/commit/445a5a42c500ceb80f8fa7f2c11f3682538033f3 - Patch, Vendor Advisory () https://github.com/FreeRDP/FreeRDP/commit/445a5a42c500ceb80f8fa7f2c11f3682538033f3 - Patch, Vendor Advisory
References () https://lists.debian.org/debian-lts-announce/2019/02/msg00015.html - Mailing List, Third Party Advisory () https://lists.debian.org/debian-lts-announce/2019/02/msg00015.html - Mailing List, Third Party Advisory
References () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YVJKO2DR5EY4C4QZOP7SNNBEW2JW6FHX/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YVJKO2DR5EY4C4QZOP7SNNBEW2JW6FHX/ -
References () https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/ - Exploit, Third Party Advisory () https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/ - Exploit, Third Party Advisory
References () https://usn.ubuntu.com/3845-1/ - Third Party Advisory () https://usn.ubuntu.com/3845-1/ - Third Party Advisory
References () https://usn.ubuntu.com/3845-2/ - Third Party Advisory () https://usn.ubuntu.com/3845-2/ - Third Party Advisory

07 Nov 2023, 03:01

Type Values Removed Values Added
References
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YVJKO2DR5EY4C4QZOP7SNNBEW2JW6FHX/', 'name': 'FEDORA-2019-b2d986c3e9', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'FEDORA'}
  • () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YVJKO2DR5EY4C4QZOP7SNNBEW2JW6FHX/ -

Information

Published : 2018-11-29 18:29

Updated : 2024-11-21 04:14


NVD link : CVE-2018-8786

Mitre link : CVE-2018-8786

CVE.ORG link : CVE-2018-8786


JSON object : View

Products Affected

redhat

  • enterprise_linux_server
  • enterprise_linux_server_eus
  • enterprise_linux_desktop
  • enterprise_linux_server_aus
  • enterprise_linux_server_tus
  • enterprise_linux_workstation

canonical

  • ubuntu_linux

freerdp

  • freerdp

debian

  • debian_linux

fedoraproject

  • fedora
CWE
CWE-680

Integer Overflow to Buffer Overflow

CWE-681

Incorrect Conversion between Numeric Types

CWE-787

Out-of-bounds Write