CVE-2008-5902Improper Restriction of Operations within the Bounds of a Memory Buffer in Xrdp

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer5 documents5 sources
Severity
7.5HIGHNVD
EPSS
2.6%
top 14.38%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Neutrinolabs XrdpXrdp
Timeline
PublishedJan 15
Latest updateMay 17

Description

Buffer overflow in the xrdp_bitmap_invalidate function in xrdp/xrdp_bitmap.c in xrdp 0.4.1 and earlier allows remote attackers to execute arbitrary code via a crafted request.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

Debianneutrinolabs/xrdp< 0.4.0~dfsg-9+3
NVDxrdp/xrdp0.4.1+4

🔴Vulnerability Details

3
GHSA
GHSA-j9gf-75xm-4w77: Buffer overflow in the xrdp_bitmap_invalidate function in xrdp/xrdp_bitmap2022-05-17
CVEList
CVE-2008-5902: Buffer overflow in the xrdp_bitmap_invalidate function in xrdp/xrdp_bitmap2009-01-15
OSV
CVE-2008-5902: Buffer overflow in the xrdp_bitmap_invalidate function in xrdp/xrdp_bitmap2009-01-15

📋Vendor Advisories

1
Debian
CVE-2008-5902: xrdp - Buffer overflow in the xrdp_bitmap_invalidate function in xrdp/xrdp_bitmap.c in ...2008
CVE-2008-5902 — Xrdp vulnerability | cvebase