Published: 20/12/2018 Updated: 07/11/2023

CVSS v2 Base Score: 6.4 | Impact Score: 4.9 | Exploitability Score: 10

CVSS v3 Base Score: 6.5 | Impact Score: 2.5 | Exploitability Score: 3.9

VMScore: 570

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:P

It exists that FreeRDP incorrectly handled certain memory operations. A remote attacker could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly exeucte arbitrary code.

Vulnerable Product	Search on Vulmon	Subscribe to Product
freerdp freerdp 2.0.0
freerdp freerdp
canonical ubuntu linux 18.04
fedoraproject fedora 28
canonical ubuntu linux 19.10
canonical ubuntu linux 20.04

Synopsis Low: freerdp and vinagre security, bug fix, and enhancement update Type/Severity Security Advisory: Low Topic An update for freerdp and vinagre is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Low A Common Vulnerability S ...

Several security issues were fixed in FreeRDP ...

FreeRDP FreeRDP 200-rc3 released version before commit 205c612820dac644d665b5bb1cdf437dc5ca01e3 contains a Other/Unknown vulnerability in channels/drdynvc/client/drdynvc_mainc, drdynvc_process_capability_request that can result in The RDP server can read the client's memory This attack appear to be exploitable via RDPClient must connect the rd ...

CWE-125 https://github.com/FreeRDP/FreeRDP/pull/4871/commits/baee520e3dd9be6511c45a14c5f5e77784de1471 https://github.com/FreeRDP/FreeRDP/pull/4871 https://github.com/FreeRDP/FreeRDP/issues/4866 https://access.redhat.com/errata/RHSA-2019:2157 https://usn.ubuntu.com/4379-1/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YVJKO2DR5EY4C4QZOP7SNNBEW2JW6FHX/https://access.redhat.com/errata/RHSA-2019:2157 https://usn.ubuntu.com/4379-1/https://nvd.nist.gov

CVE-2018-1000852

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect