Lucene search
Veracode Vulnerability DatabaseVERACODE:25572HistoryJun 03, 2020 - 4:08 a.m.
Remote Code Execution
2020-06-0304:08:39
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
12
0.1 Low
EPSS
Percentile
94.9%
freerdp is vulnerable to remote code execution. The vulnerability exists as an Out-Of-Bounds Write of up to 4 bytes in function nsc_rle_decode() that results in a memory corruption and possibly even a remote code execution.
| CPE | Name | Operator | Version |
|---|---|---|---|
| freerdp:3.11 | eq | 2.0.0-r0 | |
| freerdp:3.12 | eq | 2.0.0-r0 | |
| freerdp:edge | eq | 2.0.0-r0 | |
| freerdp:3.11 | eq | 2.0.0-r0 | |
| freerdp:3.12 | eq | 2.0.0-r0 | |
| freerdp:edge | eq | 2.0.0-r0 |
References
www.securityfocus.com/bid/106938
access.redhat.com/errata/RHSA-2019:0697
github.com/FreeRDP/FreeRDP/commit/d1112c279bd1a327e8e4d0b5f371458bf2579659
lists.debian.org/debian-lts-announce/2019/02/msg00015.html
research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/
usn.ubuntu.com/3845-1/
usn.ubuntu.com/3845-2/
Related
ubuntucve
ubuntucve
CVE-2018-8788
2018-11-29 00:00:00
alpinelinux
alpinelinux
CVE-2018-8788
2018-11-29 18:29:00
debiancve
debiancve
CVE-2018-8788
2018-11-29 18:29:00
cvelist
cvelist
CVE-2018-8788
2018-10-22 00:00:00
prion
prion
Design/Logic Flaw
2018-11-29 18:29:00
osv
osv
CVE-2018-8788
2018-11-29 18:29:00
freerdp - security update
2019-02-07 00:00:00
nvd
nvd
CVE-2018-8788
2018-11-29 18:29:00
cve
cve
CVE-2018-8788
2018-11-29 18:29:00
redhatcve
redhatcve
CVE-2018-8788
2019-01-31 13:52:19
openvas
openvas
Huawei EulerOS: Security Advisory for freerdp (EulerOS-SA-2019-1284)
2020-01-23 00:00:00
CentOS Update for freerdp CESA-2019:0697 centos7
2019-04-13 00:00:00
Huawei EulerOS: Security Advisory for freerdp (EulerOS-SA-2019-1283)
2020-01-23 00:00:00
redhat
redhat
(RHSA-2019:0697) Important: freerdp security update
2019-04-02 10:57:14
nessus
nessus
Amazon Linux 2 : freerdp (ALAS-2019-1191)
2019-04-18 00:00:00
Oracle Linux 7 : freerdp (ELSA-2019-0697)
2019-04-03 00:00:00
EulerOS 2.0 SP3 : freerdp (EulerOS-SA-2019-1284)
2019-04-30 00:00:00
amazon
amazon
Important: freerdp
2019-04-04 21:55:00
oraclelinux
oraclelinux
freerdp security update
2019-04-02 00:00:00
centos
centos
freerdp security update
2019-04-12 14:01:25
debian
debian
[SECURITY] [DLA 1666-1] freerdp security update
2019-02-09 14:11:49
mageia
mageia
Updated freerdp packages fix security vulnerabilities
2019-01-05 21:30:16
ubuntu
ubuntu
FreeRDP vulnerabilities
2018-12-12 00:00:00
FreeRDP vulnerabilities
2019-05-28 00:00:00
suse
suse
Security update for freerdp (important)
2019-03-14 00:00:00
Security update for freerdp (important)
2019-01-29 00:00:00