Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Freerdp
(Freerdp)| Repositories |
• https://github.com/FreeRDP/FreeRDP
• https://github.com/sidhpurwala-huzaifa/FreeRDP |
| #Vulnerabilities | 92 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2018-04-24 | CVE-2017-2834 | An exploitable code execution vulnerability exists in the authentication functionality of FreeRDP 2.0.0-beta1+android11. A specially crafted server response can cause an out-of-bounds write resulting in an exploitable condition. An attacker can compromise the server or use a man in the middle attack to trigger this vulnerability. | Debian_linux, Freerdp | 7.0 | ||
| 2018-04-24 | CVE-2017-2835 | An exploitable code execution vulnerability exists in the RDP receive functionality of FreeRDP 2.0.0-beta1+android11. A specially crafted server response can cause an out-of-bounds write resulting in an exploitable condition. An attacker can compromise the server or use a man in the middle to trigger this vulnerability. | Debian_linux, Freerdp | 8.1 | ||
| 2018-04-24 | CVE-2017-2837 | An exploitable denial of service vulnerability exists within the handling of security data in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server or use man in the middle to trigger this vulnerability. | Debian_linux, Freerdp | 5.9 | ||
| 2018-04-24 | CVE-2017-2838 | An exploitable denial of service vulnerability exists within the handling of challenge packets in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server or use man in the middle to trigger this vulnerability. | Debian_linux, Freerdp | 5.9 | ||
| 2018-04-24 | CVE-2017-2839 | An exploitable denial of service vulnerability exists within the handling of challenge packets in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server or use man in the middle to trigger this vulnerability. | Debian_linux, Freerdp | 5.9 | ||
| 2018-04-24 | CVE-2017-2836 | An exploitable denial of service vulnerability exists within the reading of proprietary server certificates in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server or use man in the middle to trigger this vulnerability. | Debian_linux, Freerdp | 5.9 | ||
| 2020-05-15 | CVE-2020-11521 | libfreerdp/codec/planar.c in FreeRDP version > 1.0 through 2.0.0-rc4 has an Out-of-bounds Write. | Ubuntu_linux, Debian_linux, Freerdp, Leap | 6.6 | ||
| 2020-05-15 | CVE-2020-11526 | libfreerdp/core/update.c in FreeRDP versions > 1.1 through 2.0.0-rc4 has an Out-of-bounds Read. | Ubuntu_linux, Debian_linux, Freerdp, Leap | 2.2 | ||
| 2021-07-30 | CVE-2021-37594 | In FreeRDP before 2.4.0 on Windows, wf_cliprdr_server_file_contents_request in client/Windows/wf_cliprdr.c has missing input checks for a FILECONTENTS_SIZE File Contents Request PDU. | Freerdp | 9.8 | ||
| 2021-07-30 | CVE-2021-37595 | In FreeRDP before 2.4.0 on Windows, wf_cliprdr_server_file_contents_request in client/Windows/wf_cliprdr.c has missing input checks for a FILECONTENTS_RANGE File Contents Request PDU. | Freerdp | 9.8 |