PT-2018-3040 · Freerdp+5 · Freerdp+5

Eyal Itkin

Published

2016-04-08

Updated

2024-06-15

CVE-2018-8787

CVSS v2.0

Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 2.0.0-rc4

Description The issue is caused by an Integer Overflow in the gdi Bitmap Decompress() function, leading to a Heap-Based Buffer Overflow. This results in memory corruption and potentially allows for remote code execution. The vulnerability can be exploited by a remote attacker to cause a denial of service or execute arbitrary code.

Recommendations For versions prior to 2.0.0-rc4, consider updating to version 2.0.0-rc4 or later to resolve the issue. As a temporary workaround, consider disabling the gdi Bitmap Decompress() function until a patch is available. Restrict access to the RDP client to minimize the risk of exploitation.

Exploit

Fix

RCE

Integer Overflow

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-190CWE-680CWE-787

Related Identifiers

ALT-PU-2016-1308

BDU:2019-03474

CESA-2019_0697

CVE-2018-8787

DLA-1666-1

MGASA-2019-0012

OPENSUSE-SU-2019:0325-1

OPENSUSE-SU-2019_0096-1

OPENSUSE-SU-2019_0325-1

OPENSUSE-SU-2024:10768-1

RHSA-2019:0697

RHSA-2019_0697

SUSE-SU-2019:0134-1

SUSE-SU-2019:0539-1

SUSE-SU-2020:2272-1

USN-3845-1

USN-3845-2

Affected Products

Alt Linux

Centos

Freerdp

Red Hat

Suse

Ubuntu

PT-2018-3040 · Freerdp+5 · Freerdp+5

CVE-2018-8787

Weakness Enumeration

Related Identifiers

Affected Products

References · 120