Unrated severityNVD Advisory· Published Nov 29, 2018· Updated Sep 17, 2024
CVE-2018-8784
CVE-2018-8784
Description
FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress_segment() that results in a memory corruption and probably even a remote code execution.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
13- osv-coords11 versionspkg:rpm/opensuse/freerdp2&distro=openSUSE%20Tumbleweedpkg:rpm/suse/freerdp&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3pkg:rpm/suse/freerdp&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP4pkg:rpm/suse/freerdp&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3pkg:rpm/suse/freerdp&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP4pkg:rpm/suse/freerdp&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/freerdp&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP3pkg:rpm/suse/freerdp&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP4pkg:rpm/suse/freerdp&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP5pkg:rpm/suse/freerdp&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015pkg:rpm/suse/vinagre&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP5
< 2.4.0-2.1+ 10 more
- (no CPE)range: < 2.4.0-2.1
- (no CPE)range: < 2.0.0~git.1463131968.4e66df7-12.8.1
- (no CPE)range: < 2.0.0~git.1463131968.4e66df7-12.8.1
- (no CPE)range: < 2.0.0~git.1463131968.4e66df7-12.8.1
- (no CPE)range: < 2.0.0~git.1463131968.4e66df7-12.8.1
- (no CPE)range: < 2.1.2-12.20.1
- (no CPE)range: < 2.0.0~git.1463131968.4e66df7-12.8.1
- (no CPE)range: < 2.0.0~git.1463131968.4e66df7-12.8.1
- (no CPE)range: < 2.1.2-12.20.1
- (no CPE)range: < 2.0.0~rc4-3.3.1
- (no CPE)range: < 3.20.2-16.3.3
- Check Point Software Technologies Ltd./FreeRDPv5Range: All versions prior to 2.0.0-rc4
Patches
Vulnerability mechanics
References
4- usn.ubuntu.com/3845-1/mitrevendor-advisoryx_refsource_UBUNTU
- www.securityfocus.com/bid/106938mitrevdb-entryx_refsource_BID
- github.com/FreeRDP/FreeRDP/commit/17c363a5162fd4dc77b1df54e48d7bd9bf6b3be7mitrex_refsource_CONFIRM
- research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.