Vulnerabilities (CVE)

Vendor filter

Freerdp Subscribe

Product filter

Freerdp Subscribe

Filter

14 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-17178 2 Freerdp, Lodev 2 Freerdp, Lodepngl 2019-10-11 5.0
HuffmanTree_makeFromFrequencies in lodepng.c in LodePNG through 2019-09-28, as used in WinPR in FreeRDP and other products, has a memory leak because a supplied realloc pointer (i.e., the first argument to realloc) is also used for a realloc return value.
CVE-2018-8785 2 Freerdp, Canonical 2 Freerdp, Ubuntu Linux 2019-10-09 7.5
FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress() that results in a memory corruption and probably even a remote code execution.
CVE-2018-8784 2 Freerdp, Canonical 2 Freerdp, Ubuntu Linux 2019-10-09 7.5
FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress_segment() that results in a memory corruption and probably even a remote code execution.
CVE-2019-17177 1 Freerdp 1 Freerdp 2019-10-08 5.0
libfreerdp/codec/region.c in FreeRDP through 1.1.x and 2.x through 2.0.0-rc4 has memory leaks because a supplied realloc pointer (i.e., the first argument to realloc) is also used for a realloc return value.
CVE-2018-8789 3 Freerdp, Canonical, Debian 3 Freerdp, Ubuntu Linux, Debian Linux 2019-06-03 5.0
FreeRDP prior to version 2.0.0-rc4 contains several Out-Of-Bounds Reads in the NTLM Authentication module that results in a Denial of Service (segfault).
CVE-2018-8788 3 Freerdp, Canonical, Debian 3 Freerdp, Ubuntu Linux, Debian Linux 2019-06-03 7.5
FreeRDP prior to version 2.0.0-rc4 contains an Out-Of-Bounds Write of up to 4 bytes in function nsc_rle_decode() that results in a memory corruption and possibly even a remote code execution.
CVE-2018-8787 3 Freerdp, Canonical, Debian 3 Freerdp, Ubuntu Linux, Debian Linux 2019-06-03 7.5
FreeRDP prior to version 2.0.0-rc4 contains an Integer Overflow that leads to a Heap-Based Buffer Overflow in function gdi_Bitmap_Decompress() and results in a memory corruption and probably even a remote code execution.
CVE-2018-8786 3 Freerdp, Canonical, Debian 3 Freerdp, Ubuntu Linux, Debian Linux 2019-06-03 7.5
FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer Overflow in function update_read_bitmap_update() and results in a memory corruption and probably even a remote code execution.
CVE-2017-2839 2 Freerdp, Debian 2 Freerdp, Debian Linux 2018-05-25 4.3
An exploitable denial of service vulnerability exists within the handling of challenge packets in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An...
CVE-2017-2838 2 Freerdp, Debian 2 Freerdp, Debian Linux 2018-05-25 4.3
An exploitable denial of service vulnerability exists within the handling of challenge packets in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An...
CVE-2017-2837 2 Freerdp, Debian 2 Freerdp, Debian Linux 2018-05-25 4.3
An exploitable denial of service vulnerability exists within the handling of security data in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An...
CVE-2017-2836 2 Freerdp, Debian 2 Freerdp, Debian Linux 2018-05-25 4.3
An exploitable denial of service vulnerability exists within the reading of proprietary server certificates in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service...
CVE-2017-2835 2 Freerdp, Debian 2 Freerdp, Debian Linux 2018-05-25 6.8
An exploitable code execution vulnerability exists in the RDP receive functionality of FreeRDP 2.0.0-beta1+android11. A specially crafted server response can cause an out-of-bounds write resulting in an exploitable condition. An attacker can...
CVE-2017-2834 2 Freerdp, Debian 2 Freerdp, Debian Linux 2018-05-25 6.8
An exploitable code execution vulnerability exists in the authentication functionality of FreeRDP 2.0.0-beta1+android11. A specially crafted server response can cause an out-of-bounds write resulting in an exploitable condition. An attacker can...