CVE-2018-20179

Published: Mar 15, 2019

Modified: Aug 5, 2024

PUBLISHED

Description

rdesktop versions up to and including v1.8.3 contain an Integer Underflow that leads to a Heap-Based Buffer Overflow in the function lspci_process() and results in memory corruption and probably even a remote code execution.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

106938

vdb-entry

x_refsource_BID

https://github.com/rdesktop/rdesktop/commit/4dca546d04321a610c1835010b5dad85163b65e1

x_refsource_MISC

GLSA-201903-06

vendor-advisory

x_refsource_GENTOO

https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/

x_refsource_CONFIRM

DSA-4394

vendor-advisory

x_refsource_DEBIAN

[debian-lts-announce] 20190219 [SECURITY] [DLA 1683-1] rdesktop security update

mailing-list

x_refsource_MLIST

openSUSE-SU-2019:2135

vendor-advisory

x_refsource_SUSE

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2018-20179

Description

Affected Products

References