CVE-2019-15682

HIGH

Rdesktop - Out-of-Bounds Read

Title source: rule

Description

RDesktop version 1.8.4 contains multiple out-of-bound access read vulnerabilities in its code, which results in a denial of service (DoS) condition. This attack appear to be exploitable via network connectivity. These issues have been fixed in version 1.8.5

References (1)

Core 1

Core References

Broken Link, Third Party Advisory x_refsource_misc

https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/10/30/klcert-19-032-denial-of-service-in-rdesktop-before-1-8-4/

Scores

CVSS v3 7.5

EPSS 0.0043

EPSS Percentile 63.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-125

Status published

Products (1)

rdesktop/rdesktop 1.8.4

Published Oct 30, 2019

Tracked Since Feb 18, 2026