Download
| Alert*
oval:org.secpod.oval:def:605103
freerdp-x11 is installed oval:org.secpod.oval:def:603034 freerdp-x11 is installed oval:org.secpod.oval:def:2004664 HuffmanTree_makeFromFrequencies in lodepng.c in LodePNG through 2019-09-28, as used in WinPR in FreeRDP and other products, has a memory leak because a supplied realloc pointer is also used for a realloc return value. oval:org.secpod.oval:def:2003823 libfreerdp/codec/interleaved.c in FreeRDP versions oval:org.secpod.oval:def:2004665 libfreerdp/codec/region.c in FreeRDP through 1.1.x and 2.x through 2.0.0-rc4 has memory leaks because a supplied realloc pointer is also used for a realloc return value. oval:org.secpod.oval:def:1902022 FreeRDP prior to version 2.0.0-rc4 contains an Integer Overflow that leads to a Heap-Based Buffer Overflow in function gdi_Bitmap_Decompress and results in a memory corruption and probably even a remote code execution. oval:org.secpod.oval:def:1902021 FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer Overflow in function update_read_bitmap_update and results in a memory corruption and probably even a remote code execution. oval:org.secpod.oval:def:1902023 FreeRDP prior to version 2.0.0-rc4 contains several Out-Of-Bounds Reads in the NTLM Authentication module that results in a Denial of Service . oval:org.secpod.oval:def:1902020 FreeRDP prior to version 2.0.0-rc4 contains an Out-Of-Bounds Write of up to 4 bytes in function nsc_rle_decode that results in a memory corruption and possibly even a remote code execution. oval:org.secpod.oval:def:53105 Tyler Bohan of Talos discovered that FreeRDP, a free implementation of the Remote Desktop Protocol , contained several vulnerabilities that allowed a malicious remote server or a man-in-the-middle to either cause a DoS by forcibly terminating the client, or execute arbitrary code on the client side. oval:org.secpod.oval:def:603033 Tyler Bohan of Talos discovered that FreeRDP, a free implementation of the Remote Desktop Protocol , contained several vulnerabilities that allowed a malicious remote server or a man-in-the-middle to either cause a DoS by forcibly terminating the client, or execute arbitrary code on the client side. oval:org.secpod.oval:def:2003822 libfreerdp/cache/bitmap.c in FreeRDP versions oval:org.secpod.oval:def:2003825 libfreerdp/codec/planar.c in FreeRDP version oval:org.secpod.oval:def:2003824 libfreerdp/core/update.c in FreeRDP versions oval:org.secpod.oval:def:2003827 libfreerdp/gdi/region.c in FreeRDP versions oval:org.secpod.oval:def:2003826 libfreerdp/gdi/gdi.c in FreeRDP |