U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:freerdp:freerdp:1.0.2:rc2:*:*:*:*:*:*
  • CPE Name Search: true
There are 50 matching records.
Displaying matches 41 through 50.
Vuln ID Summary CVSS Severity
CVE-2018-8789

FreeRDP prior to version 2.0.0-rc4 contains several Out-Of-Bounds Reads in the NTLM Authentication module that results in a Denial of Service (segfault).

Published: November 29, 2018; 1:29:01 PM -0500
V3.0: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2018-8788

FreeRDP prior to version 2.0.0-rc4 contains an Out-Of-Bounds Write of up to 4 bytes in function nsc_rle_decode() that results in a memory corruption and possibly even a remote code execution.

Published: November 29, 2018; 1:29:00 PM -0500
V3.0: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2018-8787

FreeRDP prior to version 2.0.0-rc4 contains an Integer Overflow that leads to a Heap-Based Buffer Overflow in function gdi_Bitmap_Decompress() and results in a memory corruption and probably even a remote code execution.

Published: November 29, 2018; 1:29:00 PM -0500
V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2018-8786

FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer Overflow in function update_read_bitmap_update() and results in a memory corruption and probably even a remote code execution.

Published: November 29, 2018; 1:29:00 PM -0500
V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2018-8785

FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress() that results in a memory corruption and probably even a remote code execution.

Published: November 29, 2018; 1:29:00 PM -0500
V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2018-8784

FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress_segment() that results in a memory corruption and probably even a remote code execution.

Published: November 29, 2018; 1:29:00 PM -0500
V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2013-4119

FreeRDP before 1.1.0-beta+2013071101 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by disconnecting before authentication has finished.

Published: October 03, 2016; 5:59:01 PM -0400
V3.0: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2013-4118

FreeRDP before 1.1.0-beta1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified vectors.

Published: October 03, 2016; 5:59:00 PM -0400
V3.0: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2014-0250

Multiple integer overflows in client/X11/xf_graphics.c in FreeRDP allow remote attackers to have an unspecified impact via the width and height to the (1) xf_Pointer_New or (2) xf_Bitmap_Decompress function, which causes an incorrect amount of memory to be allocated.

Published: November 16, 2014; 12:59:01 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2014-0791

Integer overflow in the license_read_scope_list function in libfreerdp/core/license.c in FreeRDP through 1.0.2 allows remote RDP servers to cause a denial of service (application crash) or possibly have unspecified other impact via a large ScopeCount value in a Scope List in a Server License Request packet.

Published: January 03, 2014; 1:54:13 PM -0500
V3.x:(not available)
V2.0: 6.8 MEDIUM