CVE-2014-0791 - Integer overflow in the license_read_scope_list function in libfreerdp/core/license.c in FreeRDP thr

CVE-2014-0791

Summary

Integer overflow in the license_read_scope_list function in libfreerdp/core/license.c in FreeRDP through 1.0.2 allows remote RDP servers to cause a denial of service (application crash) or possibly have unspecified other impact via a large ScopeCount value in a Scope List in a Server License Request packet.

References

Vulnerable Configurations

cpe:2.3:a:freerdp:freerdp:1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:freerdp:freerdp:1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:freerdp:freerdp:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:freerdp:freerdp:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:freerdp:freerdp:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:freerdp:freerdp:1.0.2:*:*:*:*:*:*:*

CVSS

Base:	6.8 (as of 30-08-2020 - 02:15)
Impact:
Exploitability:

CWE

CWE-189

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:M/Au:N/C:P/I:P/A:P

refmap via4

confirm	http://advisories.mageia.org/MGASA-2014-0287.html
mandriva	MDVSA-2015:171
misc	https://bugzilla.redhat.com/show_bug.cgi?id=998941 https://github.com/FreeRDP/FreeRDP/pull/1649 https://github.com/sidhpurwala-huzaifa/FreeRDP/commit/e2745807c4c3e0a590c0f69a9b655dc74ebaa03e
mlist	[debian-lts-announce] 20200829 [SECURITY] [DLA 2356-1] freerdp security update [oss-security] 20140102 CVE for freerdp int overflow? [oss-security] 20140103 Re: CVE for freerdp int overflow?
suse	openSUSE-SU-2014:0862 openSUSE-SU-2016:2400 openSUSE-SU-2016:2402

Last major update

30-08-2020 - 02:15

Published

03-01-2014 - 18:54

Last modified

30-08-2020 - 02:15