Executive Summary

Informations
NameCVE-2018-8789First vendor Publication2018-11-29
VendorCveLast vendor Modification2019-06-03

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Cvss Base Score5Attack RangeNetwork
Cvss Impact Score2.9Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

FreeRDP prior to version 2.0.0-rc4 contains several Out-Of-Bounds Reads in the NTLM Authentication module that results in a Denial of Service (segfault).

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8789

CWE : Common Weakness Enumeration

%idName
100 %CWE-125Out-of-bounds Read

CPE : Common Platform Enumeration

TypeDescriptionCount
Application4
Os4
Os1

Sources (Detail)

SourceUrl
BID http://www.securityfocus.com/bid/106938
CONFIRM https://github.com/FreeRDP/FreeRDP/commit/2ee663f39dc8dac3d9988e847db19b2d7e3...
https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clie...
MLIST https://lists.debian.org/debian-lts-announce/2019/02/msg00015.html
UBUNTU https://usn.ubuntu.com/3845-1/
https://usn.ubuntu.com/3845-2/

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
DateInformations
2019-06-03 21:19:19
  • Multiple Updates
2019-03-04 21:19:44
  • Multiple Updates
2019-03-02 00:18:18
  • Multiple Updates
2019-02-28 00:19:27
  • Multiple Updates
2018-12-28 21:19:21
  • Multiple Updates
2018-12-13 17:19:12
  • Multiple Updates
2018-11-29 21:19:35
  • First insertion