Lucene search

Veracode Vulnerability DatabaseVERACODE:20742

HistoryJul 09, 2019 - 7:39 a.m.

Integer Overflow

2019-07-0907:39:44

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.037 Low

EPSS

Percentile

91.8%

JSON

FreeRDP is vulnerable to Integer Overflow. The count variable in function update_read_bitmap_update() was assigned as UINT_16, potentially leading to a heap-based buffer overflow, resulting in a memory corruption and probably remote code execution.

CPENameOperatorVersion
libfreerdp-core.soeq1.0.2
freerdp:3.11eq2.0.0-r0
freerdp:3.12eq2.0.0-r0
freerdp:edgeeq2.0.0-r0

Name	Operator	Version
libfreerdp-core.so	eq	1.0.2
freerdp:3.11	eq	2.0.0-r0
freerdp:3.12	eq	2.0.0-r0
freerdp:edge	eq	2.0.0-r0

References

www.securityfocus.com/bid/106938

access.redhat.com/errata/RHSA-2019:0697

bugzilla.redhat.com/show_bug.cgi?id=1671359

github.com/FreeRDP/FreeRDP/commit/24f413c0a0656d3a797a8155b438bc5afefacd92#diff-07d5c460fc8da0012ec837a8343d6320R95

github.com/FreeRDP/FreeRDP/commit/445a5a42c500ceb80f8fa7f2c11f3682538033f3

lists.debian.org/debian-lts-announce/2019/02/msg00015.html

lists.fedoraproject.org/archives/list/[email protected]/message/YVJKO2DR5EY4C4QZOP7SNNBEW2JW6FHX/

research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/

usn.ubuntu.com/3845-1/

usn.ubuntu.com/3845-2/

0.037 Low

EPSS

Percentile

91.8%

JSON

Related for VERACODE:20742