CVE-2018-1000852 — Out-of-bounds Read in FreeRDP
Severity
6.5 MEDIUM (NVD)
EPSS
0.8%
top 25.37%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
Published: Dec 20
Latest update: May 13
Description
FreeRDP 2.0.0-rc3, in released versions before commit 205c612820dac644d665b5bb1cdf437dc5ca01e3, contains an Other/Unknown vulnerability in the function drdynvc_process_capability_request in channels/drdynvc/client/drdynvc_main.c that can result in the RDP server reading the client's memory. This attack appears to be exploitable when the RDP client connects to the RDP server with the echo option. This vulnerability appears to have been fixed after commit 205c612820dac644d665b5bb1cdf437dc5ca01e3.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
Exploitability: 3.9 | Impact: 2.5
Affected Packages: 2 packages
Also affects: Fedora 28, Ubuntu Linux 18.04, 19.10, 20.04
Patches
Bugzilla
CVE-2018-1000852 freerdp: out of bounds read in drdynvc_process_capability_request [epel-6] (2018-12-21)
CVE-2018-1000852 freerdp1.2: freerdp: out of bounds read in drdynvc_process_capability_request [fedora-all] (2018-12-21)
CVE-2018-1000852 freerdp: out of bounds read in drdynvc_process_capability_request [fedora-28] (2018-12-21)