ALAS2-2019-1191 --- freerdpID: oval:org.secpod.oval:def:1700156 | Date: (C)2019-06-07 (M)2023-12-20 |
Class: PATCH | Family: unix |
FreeRDP prior to version 2.0.0-rc4 contains an Out-Of-Bounds Write of up to 4 bytes in function nsc_rle_decode that results in a memory corruption and possibly even a remote code execution.FreeRDP prior to version 2.0.0-rc4 contains an Integer Overflow that leads to a Heap-Based Buffer Overflow in function gdi_Bitmap_Decompress and results in a memory corruption and probably even a remote code execution.FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer Overflow in function update_read_bitmap_update and results in a memory corruption and probably even a remote code execution.