VYPR

rpm package

opensuse/freerdp2&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/freerdp2&distro=openSUSE%20Tumbleweed

Vulnerabilities (114)

  • CVE-2018-8788Nov 29, 2018
    affected < 2.4.0-2.1fixed 2.4.0-2.1

    FreeRDP prior to version 2.0.0-rc4 contains an Out-Of-Bounds Write of up to 4 bytes in function nsc_rle_decode() that results in a memory corruption and possibly even a remote code execution.

  • CVE-2018-8787Nov 29, 2018
    affected < 2.4.0-2.1fixed 2.4.0-2.1

    FreeRDP prior to version 2.0.0-rc4 contains an Integer Overflow that leads to a Heap-Based Buffer Overflow in function gdi_Bitmap_Decompress() and results in a memory corruption and probably even a remote code execution.

  • CVE-2018-8786Nov 29, 2018
    affected < 2.4.0-2.1fixed 2.4.0-2.1

    FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer Overflow in function update_read_bitmap_update() and results in a memory corruption and probably even a remote code execution.

  • CVE-2018-8785Nov 29, 2018
    affected < 2.4.0-2.1fixed 2.4.0-2.1

    FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress() that results in a memory corruption and probably even a remote code execution.

  • CVE-2018-8784Nov 29, 2018
    affected < 2.4.0-2.1fixed 2.4.0-2.1

    FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress_segment() that results in a memory corruption and probably even a remote code execution.

  • CVE-2017-2839MedApr 24, 2018
    affected < 2.4.0-2.1fixed 2.4.0-2.1

    An exploitable denial of service vulnerability exists within the handling of challenge packets in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server

  • CVE-2017-2838MedApr 24, 2018
    affected < 2.4.0-2.1fixed 2.4.0-2.1

    An exploitable denial of service vulnerability exists within the handling of challenge packets in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server

  • CVE-2017-2837MedApr 24, 2018
    affected < 2.4.0-2.1fixed 2.4.0-2.1

    An exploitable denial of service vulnerability exists within the handling of security data in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server or u

  • CVE-2017-2836MedApr 24, 2018
    affected < 2.4.0-2.1fixed 2.4.0-2.1

    An exploitable denial of service vulnerability exists within the reading of proprietary server certificates in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromis

  • CVE-2017-2835HigApr 24, 2018
    affected < 2.4.0-2.1fixed 2.4.0-2.1

    An exploitable code execution vulnerability exists in the RDP receive functionality of FreeRDP 2.0.0-beta1+android11. A specially crafted server response can cause an out-of-bounds write resulting in an exploitable condition. An attacker can compromise the server or use a man in

  • CVE-2017-2834HigApr 24, 2018
    affected < 2.4.0-2.1fixed 2.4.0-2.1

    An exploitable code execution vulnerability exists in the authentication functionality of FreeRDP 2.0.0-beta1+android11. A specially crafted server response can cause an out-of-bounds write resulting in an exploitable condition. An attacker can compromise the server or use a man

  • CVE-2018-0886HigMar 14, 2018
    affected < 2.4.0-2.1fixed 2.4.0-2.1

    The Credential Security Support Provider protocol (CredSSP) in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709 Windows Server 2016 and Windows Server, version 1709 allows

  • CVE-2014-0250Nov 16, 2014
    affected < 2.11.5-1.1fixed 2.11.5-1.1

    Multiple integer overflows in client/X11/xf_graphics.c in FreeRDP allow remote attackers to have an unspecified impact via the width and height to the (1) xf_Pointer_New or (2) xf_Bitmap_Decompress function, which causes an incorrect amount of memory to be allocated.

  • CVE-2014-0791Jan 3, 2014
    affected < 2.11.5-1.1fixed 2.11.5-1.1

    Integer overflow in the license_read_scope_list function in libfreerdp/core/license.c in FreeRDP through 1.0.2 allows remote RDP servers to cause a denial of service (application crash) or possibly have unspecified other impact via a large ScopeCount value in a Scope List in a Se

Page 6 of 6