Filtered by vendor Freerdp
Subscriptions
Filtered by product Freerdp
Subscriptions
Total
96 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2022-41877 | 3 Fedoraproject, Freerdp, Redhat | 3 Fedora, Freerdp, Enterprise Linux | 2024-10-15 | 4.6 Medium |
FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing input length validation in `drive` channel. A malicious server can trick a FreeRDP based client to read out of bound data and send it back to the server. This issue has been addressed in version 2.9.0 and all users are advised to upgrade. Users unable to upgrade should not use the drive redirection channel - command line options `/drive`, `+drives` or `+home-drive`. | ||||
CVE-2023-40574 | 1 Freerdp | 1 Freerdp | 2024-10-15 | 6.5 Medium |
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an Out-Of-Bounds Write in the `writePixelBGRX` function. This issue is likely down to incorrect calculations of the `nHeight` and `srcStep` variables. This issue has been addressed in version 3.0.0-beta3. Users are advised to upgrade. There are no known workarounds for this issue. | ||||
CVE-2023-40575 | 1 Freerdp | 1 Freerdp | 2024-10-01 | 5.3 Medium |
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an Out-Of-Bounds Read in the `general_YUV444ToRGB_8u_P3AC4R_BGRX` function. This issue is likely down to insufficient data for the `pSrc` variable and results in crashes. This issue has been addressed in version 3.0.0-beta3. Users are advised to upgrade. There are no known workarounds for this issue. | ||||
CVE-2017-2838 | 2 Debian, Freerdp | 2 Debian Linux, Freerdp | 2024-09-17 | 5.9 Medium |
An exploitable denial of service vulnerability exists within the handling of challenge packets in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server or use man in the middle to trigger this vulnerability. | ||||
CVE-2018-8786 | 5 Canonical, Debian, Fedoraproject and 2 more | 11 Ubuntu Linux, Debian Linux, Fedora and 8 more | 2024-09-17 | 9.8 Critical |
FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer Overflow in function update_read_bitmap_update() and results in a memory corruption and probably even a remote code execution. | ||||
CVE-2018-8784 | 2 Canonical, Freerdp | 2 Ubuntu Linux, Freerdp | 2024-09-17 | 9.8 Critical |
FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress_segment() that results in a memory corruption and probably even a remote code execution. | ||||
CVE-2017-2836 | 2 Debian, Freerdp | 2 Debian Linux, Freerdp | 2024-09-17 | 5.9 Medium |
An exploitable denial of service vulnerability exists within the reading of proprietary server certificates in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server or use man in the middle to trigger this vulnerability. | ||||
CVE-2017-2839 | 2 Debian, Freerdp | 2 Debian Linux, Freerdp | 2024-09-16 | 5.9 Medium |
An exploitable denial of service vulnerability exists within the handling of challenge packets in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server or use man in the middle to trigger this vulnerability. | ||||
CVE-2017-2837 | 2 Debian, Freerdp | 2 Debian Linux, Freerdp | 2024-09-16 | 5.9 Medium |
An exploitable denial of service vulnerability exists within the handling of security data in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server or use man in the middle to trigger this vulnerability. | ||||
CVE-2018-8789 | 3 Canonical, Debian, Freerdp | 3 Ubuntu Linux, Debian Linux, Freerdp | 2024-09-16 | N/A |
FreeRDP prior to version 2.0.0-rc4 contains several Out-Of-Bounds Reads in the NTLM Authentication module that results in a Denial of Service (segfault). | ||||
CVE-2017-2835 | 2 Debian, Freerdp | 2 Debian Linux, Freerdp | 2024-09-16 | 8.1 High |
An exploitable code execution vulnerability exists in the RDP receive functionality of FreeRDP 2.0.0-beta1+android11. A specially crafted server response can cause an out-of-bounds write resulting in an exploitable condition. An attacker can compromise the server or use a man in the middle to trigger this vulnerability. | ||||
CVE-2018-8785 | 2 Canonical, Freerdp | 2 Ubuntu Linux, Freerdp | 2024-09-16 | 9.8 Critical |
FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress() that results in a memory corruption and probably even a remote code execution. | ||||
CVE-2018-8787 | 4 Canonical, Debian, Freerdp and 1 more | 10 Ubuntu Linux, Debian Linux, Freerdp and 7 more | 2024-09-16 | 9.8 Critical |
FreeRDP prior to version 2.0.0-rc4 contains an Integer Overflow that leads to a Heap-Based Buffer Overflow in function gdi_Bitmap_Decompress() and results in a memory corruption and probably even a remote code execution. | ||||
CVE-2017-2834 | 2 Debian, Freerdp | 2 Debian Linux, Freerdp | 2024-09-16 | 7.0 High |
An exploitable code execution vulnerability exists in the authentication functionality of FreeRDP 2.0.0-beta1+android11. A specially crafted server response can cause an out-of-bounds write resulting in an exploitable condition. An attacker can compromise the server or use a man in the middle attack to trigger this vulnerability. | ||||
CVE-2018-8788 | 4 Canonical, Debian, Freerdp and 1 more | 4 Ubuntu Linux, Debian Linux, Freerdp and 1 more | 2024-09-16 | N/A |
FreeRDP prior to version 2.0.0-rc4 contains an Out-Of-Bounds Write of up to 4 bytes in function nsc_rle_decode() that results in a memory corruption and possibly even a remote code execution. | ||||
CVE-2013-4119 | 1 Freerdp | 1 Freerdp | 2024-08-06 | N/A |
FreeRDP before 1.1.0-beta+2013071101 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by disconnecting before authentication has finished. | ||||
CVE-2013-4118 | 2 Freerdp, Opensuse | 3 Freerdp, Leap, Opensuse | 2024-08-06 | N/A |
FreeRDP before 1.1.0-beta1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified vectors. | ||||
CVE-2014-0791 | 1 Freerdp | 1 Freerdp | 2024-08-06 | N/A |
Integer overflow in the license_read_scope_list function in libfreerdp/core/license.c in FreeRDP through 1.0.2 allows remote RDP servers to cause a denial of service (application crash) or possibly have unspecified other impact via a large ScopeCount value in a Scope List in a Server License Request packet. | ||||
CVE-2014-0250 | 2 Freerdp, Opensuse | 2 Freerdp, Opensuse | 2024-08-06 | N/A |
Multiple integer overflows in client/X11/xf_graphics.c in FreeRDP allow remote attackers to have an unspecified impact via the width and height to the (1) xf_Pointer_New or (2) xf_Bitmap_Decompress function, which causes an incorrect amount of memory to be allocated. | ||||
CVE-2018-1000852 | 4 Canonical, Fedoraproject, Freerdp and 1 more | 4 Ubuntu Linux, Fedora, Freerdp and 1 more | 2024-08-05 | 6.5 Medium |
FreeRDP FreeRDP 2.0.0-rc3 released version before commit 205c612820dac644d665b5bb1cdf437dc5ca01e3 contains a Other/Unknown vulnerability in channels/drdynvc/client/drdynvc_main.c, drdynvc_process_capability_request that can result in The RDP server can read the client's memory.. This attack appear to be exploitable via RDPClient must connect the rdp server with echo option. This vulnerability appears to have been fixed in after commit 205c612820dac644d665b5bb1cdf437dc5ca01e3. |