CVE-2018-8800Heap-based Buffer Overflow in Rdesktop

CWE-122Heap-based Buffer OverflowCWE-787Out-of-bounds WriteCWE-119Improper Restriction of Operations within the Bounds of a Memory BufferCWE-77Command InjectionCWE-94Code InjectionCWE-20Improper Input ValidationCWE-39914 documents7 sources
Severity
9.8CRITICALNVD
EPSS
6.7%
top 8.75%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
RdesktopDebian RdesktopCheck Point Software Technologies LTD Rdesktop+2 more
Timeline
PublishedFeb 5
Latest updateMay 13

Description

rdesktop versions up to and including v1.8.3 contain a Heap-Based Buffer Overflow in function ui_clip_handle_data() that results in a memory corruption and probably even a remote code execution.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages5 packages

debiandebian/rdesktop< rdesktop 1.8.4-1 (bookworm)
Debianrdesktop/rdesktop< 1.8.4-1+3
CVEListV5check_point_software_technologies_ltd/rdesktopAll versions up to and including v1.8.3
NVDopensuse/leap15.1

Also affects: Debian Linux 8.0, 9.0

Patches

Patch: github.comPatch: github.com

🔴Vulnerability Details

2
GHSA
GHSA-93cm-qxxv-xcv9: rdesktop versions up to and including v12022-05-13
OSV
CVE-2018-8800: rdesktop versions up to and including v12019-02-05

📋Vendor Advisories

10
Cisco
Cisco IP Phone 8800 Series Arbitrary Script Injection Vulnerability2019-01-09
Red Hat
rdesktop: Remote code execution in ui_clip_handle_data2019-01-04
Cisco
Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Web UI Command Injection Vulnerability2018-07-11
Cisco
Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Session Initiation Protocol Denial of Service Vulnerability2018-06-06
Cisco
Cisco IP Phone 7800 Series and 8800 Series and Cisco Wireless IP Phone 8821 Denial of Service Vulnerability2018-05-16

💬Community

1
Bugzilla
CVE-2018-8800 rdesktop: Remote code execution in ui_clip_handle_data2019-01-29