Description
FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer Overflow in function update_read_bitmap_update() and results in a memory corruption and probably even a remote code execution.
Scores
CVSS v3
9.8
EPSS
0.0960
EPSS Percentile
92.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-681
CWE-787
CWE-680
Status
published
Products (14)
canonical/ubuntu_linux
14.04
canonical/ubuntu_linux
16.04
canonical/ubuntu_linux
18.04
canonical/ubuntu_linux
18.10
debian/debian_linux
8.0
fedoraproject/fedora
28
freerdp/freerdp
2.0.0 rc1 (3 CPE variants)
freerdp/freerdp
< 1.2.0
redhat/enterprise_linux_desktop
7.0
redhat/enterprise_linux_server
7.0
... and 4 more
Published
Nov 29, 2018
Tracked Since
Feb 18, 2026