VYPR
← All advisories
Unrated severityNVD Advisory· Published Jan 15, 2009· Updated Apr 23, 2026

CVE-2008-5904

CVE-2008-5904

Description

The rdp_rdp_process_color_pointer_pdu function in rdp/rdp_rdp.c in xrdp 0.4.1 and earlier allows remote RDP servers to have an unknown impact via input data that sets crafted values for certain length variables, leading to a buffer overflow.

Affected products

5
  • Xrdp/Xrdp5 versions
    cpe:2.3:a:xrdp:xrdp:*:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:a:xrdp:xrdp:*:*:*:*:*:*:*:*range: <=0.4.1
    • cpe:2.3:a:xrdp:xrdp:0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:xrdp:xrdp:0.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:xrdp:xrdp:0.3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:xrdp:xrdp:0.4:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

4

News mentions

0

No linked articles in our index yet.