rdesktop

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description An open source client for Windows Remote Desktop Services
Version 1.9.0-2 [extra]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-871 1.8.3-1 1.8.4-1 High Fixed FS#61652
Issue Group Severity Remote Type Description
CVE-2018-20182 AVG-871 High Yes Arbitrary code execution
rdesktop before 1.8.4 is vulnerable to remote code execution in seamless_process_line().
CVE-2018-20181 AVG-871 High Yes Arbitrary code execution
rdesktop before 1.8.4 is vulnerable to remote code execution in seamless_process().
CVE-2018-20180 AVG-871 High Yes Arbitrary code execution
rdesktop before 1.8.4 is vulnerable to remote code execution in rdpsnddbg_process().
CVE-2018-20179 AVG-871 High Yes Arbitrary code execution
rdesktop before 1.8.4 is vulnerable to remote code execution in lspci_process().
CVE-2018-20178 AVG-871 Medium Yes Denial of service
rdesktop before 1.8.4 is vulnerable to denial of service in process_demand_active().
CVE-2018-20177 AVG-871 High Yes Arbitrary code execution
rdesktop before 1.8.4 is vulnerable to a memory corruption issue in rdp_in_unistr() that could lead to arbitrary code execution.
CVE-2018-20176 AVG-871 Medium Yes Denial of service
rdesktop before 1.8.4 is vulnerable to denial of service in sec_parse_crypt_info() and sec_recv().
CVE-2018-20175 AVG-871 Medium Yes Denial of service
rdesktop before 1.8.4 is vulnerable to denial of service in mcs_recv_connect_response() and mcs_parse_domain_params().
CVE-2018-20174 AVG-871 Medium Yes Information disclosure
rdesktop before 1.8.4 is vulnerable to an information leak in ui_clip_handle_data().
CVE-2018-8800 AVG-871 High Yes Arbitrary code execution
rdesktop before 1.8.4 is vulnerable to a heap-based buffer overflow in function ui_clip_handle_data() that results in a memory corruption and probably even...
CVE-2018-8799 AVG-871 Medium Yes Denial of service
rdesktop before 1.8.4 is vulnerable to an out-of-bounds read in function process_secondary_order() that results in a denial of service (segfault).
CVE-2018-8798 AVG-871 Medium Yes Information disclosure
rdesktop before 1.8.4 is vulnerable to an out-of-bounds read in function rdpsnd_process_ping() that results in an information leak.
CVE-2018-8797 AVG-871 High Yes Arbitrary code execution
rdesktop before 1.8.4 is vulnerable to a heap-based buffer overflow in function process_plane() that results in a memory corruption and probably even a...
CVE-2018-8796 AVG-871 Medium Yes Denial of service
rdesktop before 1.8.4 is vulnerable to an out-of-bounds read in function process_bitmap_updates() that results in a denial of service (segfault).
CVE-2018-8795 AVG-871 High Yes Arbitrary code execution
rdesktop before 1.8.4 is vulnerable to an integer overflow that leads to a heap-based buffer overflow in function process_bitmap_updates() and results in a...
CVE-2018-8794 AVG-871 High Yes Arbitrary code execution
rdesktop before 1.8.4 is vulnerable to an integer overflow that leads to an out-of-bounds write in function process_bitmap_updates() and results in a memory...
CVE-2018-8793 AVG-871 High Yes Arbitrary code execution
rdesktop before 1.8.4 is vulnerable to a heap-based buffer overflow in function cssp_read_tsrequest() that results in a memory corruption and probably even...
CVE-2018-8792 AVG-871 Medium Yes Denial of service
rdesktop before 1.8.4 is vulnerable to an out-of-bounds read in function cssp_read_tsrequest() that results in a denial of service (segfault).
CVE-2018-8791 AVG-871 Medium Yes Information disclosure
rdesktop before 1.8.4 is vulnerable to an out-of-bounds read in function rdpdr_process() that results in an information leak.

Advisories

Date Advisory Group Severity Type
11 Feb 2019 ASA-201902-5 AVG-871 High multiple issues