All the vulnerabilites related to Check Point Software Technologies Ltd. - FreeRDP
cve-2018-8788
Vulnerability from cvelistv5
Published
2018-11-29 17:00
Modified
2024-09-16 17:28
Severity ?
EPSS score ?
Summary
FreeRDP prior to version 2.0.0-rc4 contains an Out-Of-Bounds Write of up to 4 bytes in function nsc_rle_decode() that results in a memory corruption and possibly even a remote code execution.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/106938 | vdb-entry, x_refsource_BID | |
https://lists.debian.org/debian-lts-announce/2019/02/msg00015.html | mailing-list, x_refsource_MLIST | |
https://usn.ubuntu.com/3845-1/ | vendor-advisory, x_refsource_UBUNTU | |
https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/ | x_refsource_CONFIRM | |
https://github.com/FreeRDP/FreeRDP/commit/d1112c279bd1a327e8e4d0b5f371458bf2579659 | x_refsource_CONFIRM | |
https://access.redhat.com/errata/RHSA-2019:0697 | vendor-advisory, x_refsource_REDHAT | |
https://usn.ubuntu.com/3845-2/ | vendor-advisory, x_refsource_UBUNTU |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Check Point Software Technologies Ltd. | FreeRDP |
Version: All versions prior to 2.0.0-rc4 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T07:02:26.104Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "106938", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/106938" }, { "name": "[debian-lts-announce] 20190209 [SECURITY] [DLA 1666-1] freerdp security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00015.html" }, { "name": "USN-3845-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3845-1/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/FreeRDP/FreeRDP/commit/d1112c279bd1a327e8e4d0b5f371458bf2579659" }, { "name": "RHSA-2019:0697", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:0697" }, { "name": "USN-3845-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3845-2/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "FreeRDP", "vendor": "Check Point Software Technologies Ltd.", "versions": [ { "status": "affected", "version": "All versions prior to 2.0.0-rc4" } ] } ], "datePublic": "2018-10-22T00:00:00", "descriptions": [ { "lang": "en", "value": "FreeRDP prior to version 2.0.0-rc4 contains an Out-Of-Bounds Write of up to 4 bytes in function nsc_rle_decode() that results in a memory corruption and possibly even a remote code execution." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-787", "description": "CWE-787: Out-of-bounds Write", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2019-06-03T15:06:11", "orgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45", "shortName": "checkpoint" }, "references": [ { "name": "106938", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/106938" }, { "name": "[debian-lts-announce] 20190209 [SECURITY] [DLA 1666-1] freerdp security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00015.html" }, { "name": "USN-3845-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3845-1/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/FreeRDP/FreeRDP/commit/d1112c279bd1a327e8e4d0b5f371458bf2579659" }, { "name": "RHSA-2019:0697", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:0697" }, { "name": "USN-3845-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3845-2/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@checkpoint.com", "DATE_PUBLIC": "2018-10-22T00:00:00", "ID": "CVE-2018-8788", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "FreeRDP", "version": { "version_data": [ { "version_value": "All versions prior to 2.0.0-rc4" } ] } } ] }, "vendor_name": "Check Point Software Technologies Ltd." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "FreeRDP prior to version 2.0.0-rc4 contains an Out-Of-Bounds Write of up to 4 bytes in function nsc_rle_decode() that results in a memory corruption and possibly even a remote code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-787: Out-of-bounds Write" } ] } ] }, "references": { "reference_data": [ { "name": "106938", "refsource": "BID", "url": "http://www.securityfocus.com/bid/106938" }, { "name": "[debian-lts-announce] 20190209 [SECURITY] [DLA 1666-1] freerdp security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00015.html" }, { "name": "USN-3845-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3845-1/" }, { "name": "https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/", "refsource": "CONFIRM", "url": "https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/" }, { "name": "https://github.com/FreeRDP/FreeRDP/commit/d1112c279bd1a327e8e4d0b5f371458bf2579659", "refsource": "CONFIRM", "url": "https://github.com/FreeRDP/FreeRDP/commit/d1112c279bd1a327e8e4d0b5f371458bf2579659" }, { "name": "RHSA-2019:0697", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:0697" }, { "name": "USN-3845-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3845-2/" } ] } } } }, "cveMetadata": { "assignerOrgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45", "assignerShortName": "checkpoint", "cveId": "CVE-2018-8788", "datePublished": "2018-11-29T17:00:00Z", "dateReserved": "2018-03-19T00:00:00", "dateUpdated": "2024-09-16T17:28:15.906Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-8784
Vulnerability from cvelistv5
Published
2018-11-29 17:00
Modified
2024-09-17 01:55
Severity ?
EPSS score ?
Summary
FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress_segment() that results in a memory corruption and probably even a remote code execution.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/106938 | vdb-entry, x_refsource_BID | |
https://usn.ubuntu.com/3845-1/ | vendor-advisory, x_refsource_UBUNTU | |
https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/ | x_refsource_CONFIRM | |
https://github.com/FreeRDP/FreeRDP/commit/17c363a5162fd4dc77b1df54e48d7bd9bf6b3be7 | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Check Point Software Technologies Ltd. | FreeRDP |
Version: All versions prior to 2.0.0-rc4 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T07:02:26.069Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "106938", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/106938" }, { "name": "USN-3845-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3845-1/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/FreeRDP/FreeRDP/commit/17c363a5162fd4dc77b1df54e48d7bd9bf6b3be7" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "FreeRDP", "vendor": "Check Point Software Technologies Ltd.", "versions": [ { "status": "affected", "version": "All versions prior to 2.0.0-rc4" } ] } ], "datePublic": "2018-10-22T00:00:00", "descriptions": [ { "lang": "en", "value": "FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress_segment() that results in a memory corruption and probably even a remote code execution." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-120", "description": "CWE-120: Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2019-03-01T18:57:01", "orgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45", "shortName": "checkpoint" }, "references": [ { "name": "106938", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/106938" }, { "name": "USN-3845-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3845-1/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/FreeRDP/FreeRDP/commit/17c363a5162fd4dc77b1df54e48d7bd9bf6b3be7" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@checkpoint.com", "DATE_PUBLIC": "2018-10-22T00:00:00", "ID": "CVE-2018-8784", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "FreeRDP", "version": { "version_data": [ { "version_value": "All versions prior to 2.0.0-rc4" } ] } } ] }, "vendor_name": "Check Point Software Technologies Ltd." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress_segment() that results in a memory corruption and probably even a remote code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-120: Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" } ] } ] }, "references": { "reference_data": [ { "name": "106938", "refsource": "BID", "url": "http://www.securityfocus.com/bid/106938" }, { "name": "USN-3845-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3845-1/" }, { "name": "https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/", "refsource": "CONFIRM", "url": "https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/" }, { "name": "https://github.com/FreeRDP/FreeRDP/commit/17c363a5162fd4dc77b1df54e48d7bd9bf6b3be7", "refsource": "CONFIRM", "url": "https://github.com/FreeRDP/FreeRDP/commit/17c363a5162fd4dc77b1df54e48d7bd9bf6b3be7" } ] } } } }, "cveMetadata": { "assignerOrgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45", "assignerShortName": "checkpoint", "cveId": "CVE-2018-8784", "datePublished": "2018-11-29T17:00:00Z", "dateReserved": "2018-03-19T00:00:00", "dateUpdated": "2024-09-17T01:55:43.145Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-8787
Vulnerability from cvelistv5
Published
2018-11-29 17:00
Modified
2024-09-16 20:16
Severity ?
EPSS score ?
Summary
FreeRDP prior to version 2.0.0-rc4 contains an Integer Overflow that leads to a Heap-Based Buffer Overflow in function gdi_Bitmap_Decompress() and results in a memory corruption and probably even a remote code execution.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/106938 | vdb-entry, x_refsource_BID | |
https://lists.debian.org/debian-lts-announce/2019/02/msg00015.html | mailing-list, x_refsource_MLIST | |
https://usn.ubuntu.com/3845-1/ | vendor-advisory, x_refsource_UBUNTU | |
https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/ | x_refsource_CONFIRM | |
https://github.com/FreeRDP/FreeRDP/commit/09b9d4f1994a674c4ec85b4947aa656eda1aed8a | x_refsource_CONFIRM | |
https://access.redhat.com/errata/RHSA-2019:0697 | vendor-advisory, x_refsource_REDHAT | |
https://usn.ubuntu.com/3845-2/ | vendor-advisory, x_refsource_UBUNTU |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Check Point Software Technologies Ltd. | FreeRDP |
Version: All versions prior to 2.0.0-rc4 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T07:02:26.068Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "106938", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/106938" }, { "name": "[debian-lts-announce] 20190209 [SECURITY] [DLA 1666-1] freerdp security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00015.html" }, { "name": "USN-3845-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3845-1/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/FreeRDP/FreeRDP/commit/09b9d4f1994a674c4ec85b4947aa656eda1aed8a" }, { "name": "RHSA-2019:0697", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:0697" }, { "name": "USN-3845-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3845-2/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "FreeRDP", "vendor": "Check Point Software Technologies Ltd.", "versions": [ { "status": "affected", "version": "All versions prior to 2.0.0-rc4" } ] } ], "datePublic": "2018-10-22T00:00:00", "descriptions": [ { "lang": "en", "value": "FreeRDP prior to version 2.0.0-rc4 contains an Integer Overflow that leads to a Heap-Based Buffer Overflow in function gdi_Bitmap_Decompress() and results in a memory corruption and probably even a remote code execution." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-680", "description": "CWE-680: Integer Overflow to Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2019-06-03T15:06:11", "orgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45", "shortName": "checkpoint" }, "references": [ { "name": "106938", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/106938" }, { "name": "[debian-lts-announce] 20190209 [SECURITY] [DLA 1666-1] freerdp security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00015.html" }, { "name": "USN-3845-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3845-1/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/FreeRDP/FreeRDP/commit/09b9d4f1994a674c4ec85b4947aa656eda1aed8a" }, { "name": "RHSA-2019:0697", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:0697" }, { "name": "USN-3845-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3845-2/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@checkpoint.com", "DATE_PUBLIC": "2018-10-22T00:00:00", "ID": "CVE-2018-8787", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "FreeRDP", "version": { "version_data": [ { "version_value": "All versions prior to 2.0.0-rc4" } ] } } ] }, "vendor_name": "Check Point Software Technologies Ltd." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "FreeRDP prior to version 2.0.0-rc4 contains an Integer Overflow that leads to a Heap-Based Buffer Overflow in function gdi_Bitmap_Decompress() and results in a memory corruption and probably even a remote code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-680: Integer Overflow to Buffer Overflow" } ] } ] }, "references": { "reference_data": [ { "name": "106938", "refsource": "BID", "url": "http://www.securityfocus.com/bid/106938" }, { "name": "[debian-lts-announce] 20190209 [SECURITY] [DLA 1666-1] freerdp security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00015.html" }, { "name": "USN-3845-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3845-1/" }, { "name": "https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/", "refsource": "CONFIRM", "url": "https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/" }, { "name": "https://github.com/FreeRDP/FreeRDP/commit/09b9d4f1994a674c4ec85b4947aa656eda1aed8a", "refsource": "CONFIRM", "url": "https://github.com/FreeRDP/FreeRDP/commit/09b9d4f1994a674c4ec85b4947aa656eda1aed8a" }, { "name": "RHSA-2019:0697", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:0697" }, { "name": "USN-3845-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3845-2/" } ] } } } }, "cveMetadata": { "assignerOrgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45", "assignerShortName": "checkpoint", "cveId": "CVE-2018-8787", "datePublished": "2018-11-29T17:00:00Z", "dateReserved": "2018-03-19T00:00:00", "dateUpdated": "2024-09-16T20:16:21.329Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-8786
Vulnerability from cvelistv5
Published
2018-11-29 17:00
Modified
2024-09-17 01:56
Severity ?
EPSS score ?
Summary
FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer Overflow in function update_read_bitmap_update() and results in a memory corruption and probably even a remote code execution.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/106938 | vdb-entry, x_refsource_BID | |
https://lists.debian.org/debian-lts-announce/2019/02/msg00015.html | mailing-list, x_refsource_MLIST | |
https://github.com/FreeRDP/FreeRDP/commit/445a5a42c500ceb80f8fa7f2c11f3682538033f3 | x_refsource_CONFIRM | |
https://usn.ubuntu.com/3845-1/ | vendor-advisory, x_refsource_UBUNTU | |
https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/ | x_refsource_CONFIRM | |
https://access.redhat.com/errata/RHSA-2019:0697 | vendor-advisory, x_refsource_REDHAT | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YVJKO2DR5EY4C4QZOP7SNNBEW2JW6FHX/ | vendor-advisory, x_refsource_FEDORA | |
https://usn.ubuntu.com/3845-2/ | vendor-advisory, x_refsource_UBUNTU |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Check Point Software Technologies Ltd. | FreeRDP |
Version: All versions prior to 2.0.0-rc4 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T07:02:26.040Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "106938", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/106938" }, { "name": "[debian-lts-announce] 20190209 [SECURITY] [DLA 1666-1] freerdp security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00015.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/FreeRDP/FreeRDP/commit/445a5a42c500ceb80f8fa7f2c11f3682538033f3" }, { "name": "USN-3845-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3845-1/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/" }, { "name": "RHSA-2019:0697", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:0697" }, { "name": "FEDORA-2019-b2d986c3e9", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YVJKO2DR5EY4C4QZOP7SNNBEW2JW6FHX/" }, { "name": "USN-3845-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3845-2/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "FreeRDP", "vendor": "Check Point Software Technologies Ltd.", "versions": [ { "status": "affected", "version": "All versions prior to 2.0.0-rc4" } ] } ], "datePublic": "2018-10-22T00:00:00", "descriptions": [ { "lang": "en", "value": "FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer Overflow in function update_read_bitmap_update() and results in a memory corruption and probably even a remote code execution." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-680", "description": "CWE-680: Integer Overflow to Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2019-06-03T15:06:11", "orgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45", "shortName": "checkpoint" }, "references": [ { "name": "106938", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/106938" }, { "name": "[debian-lts-announce] 20190209 [SECURITY] [DLA 1666-1] freerdp security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00015.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/FreeRDP/FreeRDP/commit/445a5a42c500ceb80f8fa7f2c11f3682538033f3" }, { "name": "USN-3845-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3845-1/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/" }, { "name": "RHSA-2019:0697", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:0697" }, { "name": "FEDORA-2019-b2d986c3e9", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YVJKO2DR5EY4C4QZOP7SNNBEW2JW6FHX/" }, { "name": "USN-3845-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3845-2/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@checkpoint.com", "DATE_PUBLIC": "2018-10-22T00:00:00", "ID": "CVE-2018-8786", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "FreeRDP", "version": { "version_data": [ { "version_value": "All versions prior to 2.0.0-rc4" } ] } } ] }, "vendor_name": "Check Point Software Technologies Ltd." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer Overflow in function update_read_bitmap_update() and results in a memory corruption and probably even a remote code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-680: Integer Overflow to Buffer Overflow" } ] } ] }, "references": { "reference_data": [ { "name": "106938", "refsource": "BID", "url": "http://www.securityfocus.com/bid/106938" }, { "name": "[debian-lts-announce] 20190209 [SECURITY] [DLA 1666-1] freerdp security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00015.html" }, { "name": "https://github.com/FreeRDP/FreeRDP/commit/445a5a42c500ceb80f8fa7f2c11f3682538033f3", "refsource": "CONFIRM", "url": "https://github.com/FreeRDP/FreeRDP/commit/445a5a42c500ceb80f8fa7f2c11f3682538033f3" }, { "name": "USN-3845-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3845-1/" }, { "name": "https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/", "refsource": "CONFIRM", "url": "https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/" }, { "name": "RHSA-2019:0697", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:0697" }, { "name": "FEDORA-2019-b2d986c3e9", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YVJKO2DR5EY4C4QZOP7SNNBEW2JW6FHX/" }, { "name": "USN-3845-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3845-2/" } ] } } } }, "cveMetadata": { "assignerOrgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45", "assignerShortName": "checkpoint", "cveId": "CVE-2018-8786", "datePublished": "2018-11-29T17:00:00Z", "dateReserved": "2018-03-19T00:00:00", "dateUpdated": "2024-09-17T01:56:15.397Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-8785
Vulnerability from cvelistv5
Published
2018-11-29 17:00
Modified
2024-09-16 20:22
Severity ?
EPSS score ?
Summary
FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress() that results in a memory corruption and probably even a remote code execution.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/106938 | vdb-entry, x_refsource_BID | |
https://github.com/FreeRDP/FreeRDP/commit/602f4a2e14b41703b5f431de3154cd46a5750a2d | x_refsource_CONFIRM | |
https://usn.ubuntu.com/3845-1/ | vendor-advisory, x_refsource_UBUNTU | |
https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/ | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Check Point Software Technologies Ltd. | FreeRDP |
Version: All versions prior to 2.0.0-rc4 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T07:02:26.117Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "106938", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/106938" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/FreeRDP/FreeRDP/commit/602f4a2e14b41703b5f431de3154cd46a5750a2d" }, { "name": "USN-3845-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3845-1/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "FreeRDP", "vendor": "Check Point Software Technologies Ltd.", "versions": [ { "status": "affected", "version": "All versions prior to 2.0.0-rc4" } ] } ], "datePublic": "2018-10-22T00:00:00", "descriptions": [ { "lang": "en", "value": "FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress() that results in a memory corruption and probably even a remote code execution." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-120", "description": "CWE-120: Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2019-03-01T18:57:01", "orgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45", "shortName": "checkpoint" }, "references": [ { "name": "106938", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/106938" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/FreeRDP/FreeRDP/commit/602f4a2e14b41703b5f431de3154cd46a5750a2d" }, { "name": "USN-3845-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3845-1/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@checkpoint.com", "DATE_PUBLIC": "2018-10-22T00:00:00", "ID": "CVE-2018-8785", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "FreeRDP", "version": { "version_data": [ { "version_value": "All versions prior to 2.0.0-rc4" } ] } } ] }, "vendor_name": "Check Point Software Technologies Ltd." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress() that results in a memory corruption and probably even a remote code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-120: Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" } ] } ] }, "references": { "reference_data": [ { "name": "106938", "refsource": "BID", "url": "http://www.securityfocus.com/bid/106938" }, { "name": "https://github.com/FreeRDP/FreeRDP/commit/602f4a2e14b41703b5f431de3154cd46a5750a2d", "refsource": "CONFIRM", "url": "https://github.com/FreeRDP/FreeRDP/commit/602f4a2e14b41703b5f431de3154cd46a5750a2d" }, { "name": "USN-3845-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3845-1/" }, { "name": "https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/", "refsource": "CONFIRM", "url": "https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/" } ] } } } }, "cveMetadata": { "assignerOrgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45", "assignerShortName": "checkpoint", "cveId": "CVE-2018-8785", "datePublished": "2018-11-29T17:00:00Z", "dateReserved": "2018-03-19T00:00:00", "dateUpdated": "2024-09-16T20:22:24.986Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-8789
Vulnerability from cvelistv5
Published
2018-11-29 18:00
Modified
2024-09-16 20:52
Severity ?
EPSS score ?
Summary
FreeRDP prior to version 2.0.0-rc4 contains several Out-Of-Bounds Reads in the NTLM Authentication module that results in a Denial of Service (segfault).
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/106938 | vdb-entry, x_refsource_BID | |
https://github.com/FreeRDP/FreeRDP/commit/2ee663f39dc8dac3d9988e847db19b2d7e3ac8c6 | x_refsource_CONFIRM | |
https://lists.debian.org/debian-lts-announce/2019/02/msg00015.html | mailing-list, x_refsource_MLIST | |
https://usn.ubuntu.com/3845-1/ | vendor-advisory, x_refsource_UBUNTU | |
https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/ | x_refsource_CONFIRM | |
https://usn.ubuntu.com/3845-2/ | vendor-advisory, x_refsource_UBUNTU |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Check Point Software Technologies Ltd. | FreeRDP |
Version: All versions prior to 2.0.0-rc4 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T07:02:26.047Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "106938", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/106938" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/FreeRDP/FreeRDP/commit/2ee663f39dc8dac3d9988e847db19b2d7e3ac8c6" }, { "name": "[debian-lts-announce] 20190209 [SECURITY] [DLA 1666-1] freerdp security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00015.html" }, { "name": "USN-3845-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3845-1/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/" }, { "name": "USN-3845-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3845-2/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "FreeRDP", "vendor": "Check Point Software Technologies Ltd.", "versions": [ { "status": "affected", "version": "All versions prior to 2.0.0-rc4" } ] } ], "datePublic": "2018-10-22T00:00:00", "descriptions": [ { "lang": "en", "value": "FreeRDP prior to version 2.0.0-rc4 contains several Out-Of-Bounds Reads in the NTLM Authentication module that results in a Denial of Service (segfault)." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-126", "description": "CWE-126: Buffer Over-read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2019-06-03T15:06:11", "orgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45", "shortName": "checkpoint" }, "references": [ { "name": "106938", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/106938" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/FreeRDP/FreeRDP/commit/2ee663f39dc8dac3d9988e847db19b2d7e3ac8c6" }, { "name": "[debian-lts-announce] 20190209 [SECURITY] [DLA 1666-1] freerdp security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00015.html" }, { "name": "USN-3845-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3845-1/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/" }, { "name": "USN-3845-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3845-2/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@checkpoint.com", "DATE_PUBLIC": "2018-10-22T00:00:00", "ID": "CVE-2018-8789", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "FreeRDP", "version": { "version_data": [ { "version_value": "All versions prior to 2.0.0-rc4" } ] } } ] }, "vendor_name": "Check Point Software Technologies Ltd." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "FreeRDP prior to version 2.0.0-rc4 contains several Out-Of-Bounds Reads in the NTLM Authentication module that results in a Denial of Service (segfault)." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-126: Buffer Over-read" } ] } ] }, "references": { "reference_data": [ { "name": "106938", "refsource": "BID", "url": "http://www.securityfocus.com/bid/106938" }, { "name": "https://github.com/FreeRDP/FreeRDP/commit/2ee663f39dc8dac3d9988e847db19b2d7e3ac8c6", "refsource": "CONFIRM", "url": "https://github.com/FreeRDP/FreeRDP/commit/2ee663f39dc8dac3d9988e847db19b2d7e3ac8c6" }, { "name": "[debian-lts-announce] 20190209 [SECURITY] [DLA 1666-1] freerdp security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00015.html" }, { "name": "USN-3845-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3845-1/" }, { "name": "https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/", "refsource": "CONFIRM", "url": "https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/" }, { "name": "USN-3845-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3845-2/" } ] } } } }, "cveMetadata": { "assignerOrgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45", "assignerShortName": "checkpoint", "cveId": "CVE-2018-8789", "datePublished": "2018-11-29T18:00:00Z", "dateReserved": "2018-03-19T00:00:00", "dateUpdated": "2024-09-16T20:52:36.224Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }