CVE-2018-8794

Published: Feb 5, 2019

Modified: Sep 17, 2024

PUBLISHED

Description

rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to an Out-Of-Bounds Write in function process_bitmap_updates() and results in a memory corruption and possibly even a remote code execution.

Vendor	Product	Versions
Check Point Software Technologies Ltd.	rdesktop	affected `All versions up to and including v1.8.3`

Weaknesses (CWE)

CWE-680

References

106938

vdb-entry

x_refsource_BID

https://github.com/rdesktop/rdesktop/commit/4dca546d04321a610c1835010b5dad85163b65e1

x_refsource_MISC

GLSA-201903-06

vendor-advisory

x_refsource_GENTOO

https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/

x_refsource_CONFIRM

DSA-4394

vendor-advisory

x_refsource_DEBIAN

[debian-lts-announce] 20190219 [SECURITY] [DLA 1683-1] rdesktop security update

mailing-list

x_refsource_MLIST

openSUSE-SU-2019:2135

vendor-advisory

x_refsource_SUSE

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2018-8794

Description

Affected Products

Weaknesses (CWE)

References