CVE-2018-8797

Published: Feb 5, 2019

Modified: Sep 16, 2024

PUBLISHED

Description

rdesktop versions up to and including v1.8.3 contain a Heap-Based Buffer Overflow in function process_plane() that results in a memory corruption and probably even a remote code execution.

Vendor	Product	Versions
Check Point Software Technologies Ltd.	rdesktop	affected `All versions up to and including v1.8.3`

Weaknesses (CWE)

CWE-122

References

106938

vdb-entry

x_refsource_BID

https://github.com/rdesktop/rdesktop/commit/4dca546d04321a610c1835010b5dad85163b65e1

x_refsource_MISC

GLSA-201903-06

vendor-advisory

x_refsource_GENTOO

https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/

x_refsource_CONFIRM

DSA-4394

vendor-advisory

x_refsource_DEBIAN

[debian-lts-announce] 20190219 [SECURITY] [DLA 1683-1] rdesktop security update

mailing-list

x_refsource_MLIST

openSUSE-SU-2019:2135

vendor-advisory

x_refsource_SUSE

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2018-8797

Description

Affected Products

Weaknesses (CWE)

References