Description
Buffer overflow in the xrdp_bitmap_invalidate function in xrdp/xrdp_bitmap.c in xrdp 0.4.1 and earlier allows remote attackers to execute arbitrary code via a crafted request.
References (3)
Core 3
Core References
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00000.html
Mailing List mailing-list
x_refsource_mlist
http://openwall.com/lists/oss-security/2009/01/12/3
Exploit x_refsource_misc
http://packetstormsecurity.org/0812-advisories/VA_VD_87_08_XRDP.pdf
Scores
EPSS
0.0338
EPSS Percentile
87.4%
Details
CWE
CWE-119
Status
published
Products (5)
xrdp/xrdp
0.3
xrdp/xrdp
0.3.1
xrdp/xrdp
0.3.2
xrdp/xrdp
0.4
xrdp/xrdp
< 0.4.1
Published
Jan 15, 2009
Tracked Since
Feb 18, 2026