9.8
CVSSv3

CVE-2018-8794

Published: 05/02/2019 Updated: 29/09/2020
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to an Out-Of-Bounds Write in function process_bitmap_updates() and results in a memory corruption and possibly even a remote code execution.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

rdesktop rdesktop

debian debian linux 9.0

debian debian linux 8.0

opensuse leap 15.1

Vendor Advisories

Multiple security issues were found in the rdesktop RDP client, which could result in denial of service, information disclosure and the execution of arbitrary code For the stable distribution (stretch), these problems have been fixed in version 184-1~deb9u1 We recommend that you upgrade your rdesktop packages For the detailed security status o ...
rdesktop before 184 is vulnerable to an integer overflow that leads to an out-of-bounds write in function process_bitmap_updates() and results in a memory corruption and possibly even a remote code execution ...