VYPR

Rdesktop

by Rdesktop

Source repositories

CVEs (25)

  • CVE-2008-1801May 12, 2008
    risk 0.04cvss epss 0.13

    Integer underflow in the iso_recv_msg function (iso.c) in rdesktop 1.5.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Remote Desktop Protocol (RDP) request with a small length field.

  • CVE-2008-1802May 12, 2008
    risk 0.04cvss epss 0.13

    Buffer overflow in the process_redirect_pdu (rdp.c) function in rdesktop 1.5.0 allows remote attackers to execute arbitrary code via a Remote Desktop Protocol (RDP) redirect request with modified length fields.

  • CVE-2018-20180Mar 15, 2019
    risk 0.01cvss epss 0.08

    rdesktop versions up to and including v1.8.3 contain an Integer Underflow that leads to a Heap-Based Buffer Overflow in the function rdpsnddbg_process() and results in memory corruption and probably even a remote code execution.

  • CVE-2018-20182Mar 15, 2019
    risk 0.01cvss epss 0.08

    rdesktop versions up to and including v1.8.3 contain a Buffer Overflow over the global variables in the function seamless_process_line() that results in memory corruption and probably even a remote code execution.

  • CVE-2018-20177Mar 15, 2019
    risk 0.01cvss epss 0.08

    rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to a Heap-Based Buffer Overflow in the function rdp_in_unistr() and results in memory corruption and possibly even a remote code execution.

  • CVE-2018-20179Mar 15, 2019
    risk 0.01cvss epss 0.07

    rdesktop versions up to and including v1.8.3 contain an Integer Underflow that leads to a Heap-Based Buffer Overflow in the function lspci_process() and results in memory corruption and probably even a remote code execution.

  • CVE-2018-20181Mar 15, 2019
    risk 0.01cvss epss 0.08

    rdesktop versions up to and including v1.8.3 contain an Integer Underflow that leads to a Heap-Based Buffer Overflow in the function seamless_process() and results in memory corruption and probably even a remote code execution.

  • CVE-2018-8795Feb 5, 2019
    risk 0.01cvss epss 0.07

    rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to a Heap-Based Buffer Overflow in function process_bitmap_updates() and results in a memory corruption and probably even a remote code execution.

  • CVE-2018-8797Feb 5, 2019
    risk 0.01cvss epss 0.07

    rdesktop versions up to and including v1.8.3 contain a Heap-Based Buffer Overflow in function process_plane() that results in a memory corruption and probably even a remote code execution.

  • CVE-2018-8800Feb 5, 2019
    risk 0.01cvss epss 0.07

    rdesktop versions up to and including v1.8.3 contain a Heap-Based Buffer Overflow in function ui_clip_handle_data() that results in a memory corruption and probably even a remote code execution.

  • CVE-2018-8794Feb 5, 2019
    risk 0.01cvss epss 0.07

    rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to an Out-Of-Bounds Write in function process_bitmap_updates() and results in a memory corruption and possibly even a remote code execution.

  • CVE-2018-8793Feb 5, 2019
    risk 0.01cvss epss 0.07

    rdesktop versions up to and including v1.8.3 contain a Heap-Based Buffer Overflow in function cssp_read_tsrequest() that results in a memory corruption and probably even a remote code execution.

  • CVE-2008-1803May 12, 2008
    risk 0.01cvss epss 0.07

    Integer signedness error in the xrealloc function (rdesktop.c) in RDesktop 1.5.0 allows remote attackers to execute arbitrary code via unknown parameters that trigger a heap-based overflow. NOTE: the role of the channel_process function was not specified by the original…

  • CVE-2019-15682Oct 30, 2019
    risk 0.00cvss epss 0.01

    RDesktop version 1.8.4 contains multiple out-of-bound access read vulnerabilities in its code, which results in a denial of service (DoS) condition. This attack appear to be exploitable via network connectivity. These issues have been fixed in version 1.8.5

  • CVE-2018-20174Mar 15, 2019
    risk 0.00cvss epss 0.04

    rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in the function ui_clip_handle_data() that results in an information leak.

  • CVE-2018-20176Mar 15, 2019
    risk 0.00cvss epss 0.04

    rdesktop versions up to and including v1.8.3 contain several Out-Of- Bounds Reads in the file secure.c that result in a Denial of Service (segfault).

  • CVE-2018-20178Mar 15, 2019
    risk 0.00cvss epss 0.04

    rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in the function process_demand_active() that results in a Denial of Service (segfault).

  • CVE-2018-20175Mar 15, 2019
    risk 0.00cvss epss 0.04

    rdesktop versions up to and including v1.8.3 contains several Integer Signedness errors that lead to Out-Of-Bounds Reads in the file mcs.c and result in a Denial of Service (segfault).

  • CVE-2018-8796Feb 5, 2019
    risk 0.00cvss epss 0.04

    rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function process_bitmap_updates() that results in a Denial of Service (segfault).

  • CVE-2018-8792Feb 5, 2019
    risk 0.00cvss epss 0.04

    rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function cssp_read_tsrequest() that results in a Denial of Service (segfault).

Page 1 of 2