Total vulnerabilities in the database
FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer Overflow in function update_read_bitmap_update() and results in a memory corruption and probably even a remote code execution.
| Software | From | Fixed in |
|---|---|---|
| freerdp / freerdp | 2.0.0-rc3 | 2.0.0-rc3.x |
| freerdp / freerdp | 2.0.0-rc2 | 2.0.0-rc2.x |
| freerdp / freerdp | 2.0.0-rc1 | 2.0.0-rc1.x |
| freerdp / freerdp | - | 1.2.0.x |
| canonical / ubuntu_linux | 16.04 | 16.04.x |
| canonical / ubuntu_linux | 14.04 | 14.04.x |
| canonical / ubuntu_linux | 18.04 | 18.04.x |
| canonical / ubuntu_linux | 18.10 | 18.10.x |
| debian / debian_linux | 8.0 | 8.0.x |
| fedoraproject / fedora | 28 | 28.x |
| redhat / enterprise_linux_desktop | 7.0 | 7.0.x |
| redhat / enterprise_linux_workstation | 7.0 | 7.0.x |
| redhat / enterprise_linux_server | 7.0 | 7.0.x |
| redhat / enterprise_linux_server_tus | 7.6 | 7.6.x |
| redhat / enterprise_linux_server_eus | 7.6 | 7.6.x |
| redhat / enterprise_linux_server_aus | 7.6 | 7.6.x |