Integer signedness error in the xrealloc function (rdesktop.c) in RDesktop 1.5.0 allows remote malicious users to execute arbitrary code via unknown parameters that trigger a heap-based overflow. NOTE: the role of the channel_process function was not specified by the original researcher.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
rdesktop rdesktop 1.5.0 |