Lucene search
PRIOn knowledge basePRION:CVE-2018-8788HistoryNov 29, 2018 - 6:29 p.m.
Design/Logic Flaw
2018-11-2918:29:00
PRIOn knowledge base
www.prio-n.com
11
FreeRDP prior to version 2.0.0-rc4 contains an Out-Of-Bounds Write of up to 4 bytes in function nsc_rle_decode() that results in a memory corruption and possibly even a remote code execution.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ubuntu_linux | eq | 16.04 | |
| ubuntu_linux | eq | 14.04 | |
| ubuntu_linux | eq | 18.04 | |
| ubuntu_linux | eq | 18.10 | |
| debian_linux | eq | 8.0 | |
| freerdp | eq | 2.0.0 rc3 | |
| freerdp | eq | 2.0.0 rc2 | |
| freerdp | eq | 2.0.0 rc1 | |
| freerdp | le | 1.2.0 |
References
www.securityfocus.com/bid/106938
access.redhat.com/errata/RHSA-2019:0697
github.com/FreeRDP/FreeRDP/commit/d1112c279bd1a327e8e4d0b5f371458bf2579659
lists.debian.org/debian-lts-announce/2019/02/msg00015.html
research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/
usn.ubuntu.com/3845-1/
usn.ubuntu.com/3845-2/
Related
veracode
veracode
Remote Code Execution
2020-06-03 04:08:39
ubuntucve
ubuntucve
CVE-2018-8788
2018-11-29 00:00:00
osv
osv
CVE-2018-8788
2018-11-29 18:29:00
freerdp - security update
2019-02-07 00:00:00
alpinelinux
alpinelinux
CVE-2018-8788
2018-11-29 18:29:00
debiancve
debiancve
CVE-2018-8788
2018-11-29 18:29:00
cvelist
cvelist
CVE-2018-8788
2018-10-22 00:00:00
nvd
nvd
CVE-2018-8788
2018-11-29 18:29:00
redhatcve
redhatcve
CVE-2018-8788
2019-01-31 13:52:19
cve
cve
CVE-2018-8788
2018-11-29 18:29:00
nessus
nessus
Amazon Linux 2 : freerdp (ALAS-2019-1191)
2019-04-18 00:00:00
Oracle Linux 7 : freerdp (ELSA-2019-0697)
2019-04-03 00:00:00
EulerOS 2.0 SP3 : freerdp (EulerOS-SA-2019-1284)
2019-04-30 00:00:00
openvas
openvas
CentOS Update for freerdp CESA-2019:0697 centos7
2019-04-13 00:00:00
Huawei EulerOS: Security Advisory for freerdp (EulerOS-SA-2019-1283)
2020-01-23 00:00:00
Huawei EulerOS: Security Advisory for freerdp (EulerOS-SA-2019-1285)
2020-01-23 00:00:00
amazon
amazon
Important: freerdp
2019-04-04 21:55:00
oraclelinux
oraclelinux
freerdp security update
2019-04-02 00:00:00
centos
centos
freerdp security update
2019-04-12 14:01:25
redhat
redhat
(RHSA-2019:0697) Important: freerdp security update
2019-04-02 10:57:14
debian
debian
[SECURITY] [DLA 1666-1] freerdp security update
2019-02-09 14:11:49
mageia
mageia
Updated freerdp packages fix security vulnerabilities
2019-01-05 21:30:16
ubuntu
ubuntu
FreeRDP vulnerabilities
2019-05-28 00:00:00
FreeRDP vulnerabilities
2018-12-12 00:00:00
suse
suse
Security update for freerdp (important)
2019-03-14 00:00:00
Security update for freerdp (important)
2019-01-29 00:00:00