Total
92 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-8786 | 5 Canonical, Debian, Fedoraproject and 2 more | 10 Ubuntu Linux, Debian Linux, Fedora and 7 more | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer Overflow in function update_read_bitmap_update() and results in a memory corruption and probably even a remote code execution. | |||||
CVE-2018-8785 | 2 Canonical, Freerdp | 2 Ubuntu Linux, Freerdp | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress() that results in a memory corruption and probably even a remote code execution. | |||||
CVE-2017-2835 | 2 Debian, Freerdp | 2 Debian Linux, Freerdp | 2024-02-28 | 6.8 MEDIUM | 8.1 HIGH |
An exploitable code execution vulnerability exists in the RDP receive functionality of FreeRDP 2.0.0-beta1+android11. A specially crafted server response can cause an out-of-bounds write resulting in an exploitable condition. An attacker can compromise the server or use a man in the middle to trigger this vulnerability. | |||||
CVE-2017-2838 | 2 Debian, Freerdp | 2 Debian Linux, Freerdp | 2024-02-28 | 4.3 MEDIUM | 5.9 MEDIUM |
An exploitable denial of service vulnerability exists within the handling of challenge packets in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server or use man in the middle to trigger this vulnerability. | |||||
CVE-2017-2839 | 2 Debian, Freerdp | 2 Debian Linux, Freerdp | 2024-02-28 | 4.3 MEDIUM | 5.9 MEDIUM |
An exploitable denial of service vulnerability exists within the handling of challenge packets in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server or use man in the middle to trigger this vulnerability. | |||||
CVE-2017-2837 | 2 Debian, Freerdp | 2 Debian Linux, Freerdp | 2024-02-28 | 4.3 MEDIUM | 5.9 MEDIUM |
An exploitable denial of service vulnerability exists within the handling of security data in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server or use man in the middle to trigger this vulnerability. | |||||
CVE-2017-2834 | 2 Debian, Freerdp | 2 Debian Linux, Freerdp | 2024-02-28 | 6.8 MEDIUM | 7.0 HIGH |
An exploitable code execution vulnerability exists in the authentication functionality of FreeRDP 2.0.0-beta1+android11. A specially crafted server response can cause an out-of-bounds write resulting in an exploitable condition. An attacker can compromise the server or use a man in the middle attack to trigger this vulnerability. | |||||
CVE-2017-2836 | 2 Debian, Freerdp | 2 Debian Linux, Freerdp | 2024-02-28 | 4.3 MEDIUM | 5.9 MEDIUM |
An exploitable denial of service vulnerability exists within the reading of proprietary server certificates in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server or use man in the middle to trigger this vulnerability. | |||||
CVE-2013-4119 | 1 Freerdp | 1 Freerdp | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
FreeRDP before 1.1.0-beta+2013071101 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by disconnecting before authentication has finished. | |||||
CVE-2013-4118 | 2 Freerdp, Opensuse | 3 Freerdp, Leap, Opensuse | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
FreeRDP before 1.1.0-beta1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified vectors. | |||||
CVE-2014-0250 | 2 Freerdp, Opensuse | 2 Freerdp, Opensuse | 2024-02-28 | 7.5 HIGH | N/A |
Multiple integer overflows in client/X11/xf_graphics.c in FreeRDP allow remote attackers to have an unspecified impact via the width and height to the (1) xf_Pointer_New or (2) xf_Bitmap_Decompress function, which causes an incorrect amount of memory to be allocated. | |||||
CVE-2014-0791 | 1 Freerdp | 1 Freerdp | 2024-02-28 | 6.8 MEDIUM | N/A |
Integer overflow in the license_read_scope_list function in libfreerdp/core/license.c in FreeRDP through 1.0.2 allows remote RDP servers to cause a denial of service (application crash) or possibly have unspecified other impact via a large ScopeCount value in a Scope List in a Server License Request packet. |