Unrated severityNVD Advisory· Published Nov 16, 2014· Updated May 6, 2026

CVE-2014-0250

Description

Multiple integer overflows in client/X11/xf_graphics.c in FreeRDP allow remote attackers to have an unspecified impact via the width and height to the (1) xf_Pointer_New or (2) xf_Bitmap_Decompress function, which causes an incorrect amount of memory to be allocated.

Affected products

Freerdp/Freerdp3 versions
cpe:2.3:a:freerdp:freerdp:1.0.0:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:freerdp:freerdp:1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:freerdp:freerdp:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:freerdp:freerdp:1.0.2:*:*:*:*:*:*:*
OpenSUSE/openSUSE2 versions
cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

bugzilla.redhat.com/show_bug.cginvdVendor Advisory
github.com/FreeRDP/FreeRDP/issues/1871nvdVendor Advisory
advisories.mageia.org/MGASA-2014-0287.htmlnvd
lists.opensuse.org/opensuse-updates/2014-07/msg00008.htmlnvd
seclists.org/oss-sec/2014/q2/365nvd
security.gentoo.org/glsa/glsa-201412-18.xmlnvd
www.mandriva.com/security/advisoriesnvd
www.securityfocus.com/bid/67670nvd
github.com/FreeRDP/FreeRDP/pull/1874nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000