Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:31909
HistoryApr 13, 2015 - 12:00 a.m.

[ MDVSA-2015:171 ] freerdp

2015-04-1300:00:00
vulners.com
16
JSON

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Mandriva Linux Security Advisory MDVSA-2015:171
http://www.mandriva.com/en/support/security/

Package : freerdp
Date : March 30, 2015
Affected: Business Server 2.0

Problem Description:

Updated freerdp packages fix security vulnerabilities:

Integer overflows in memory allocations in client/X11/xf_graphics.c in
FreeRDP through 1.0.2 allows remote RDP servers to have an unspecified
impact through unspecified vectors (CVE-2014-0250).

Integer overflow in the license_read_scope_list function in
libfreerdp/core/license.c in FreeRDP through 1.0.2 allows remote RDP
servers to cause a denial of service (application crash) or possibly
have unspecified other impact via a large ScopeCount value in a Scope
List in a Server License Request packet (CVE-2014-0791).

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0250
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0791
http://advisories.mageia.org/MGASA-2014-0287.html

Updated Packages:

Mandriva Business Server 2/X86_64:
f58926e69fb73deb6d43618d753032d2 mbs2/x86_64/freerdp-1.0.2-2.1.mbs2.x86_64.rpm
d946df0f02ad4e47196f5ef5092ef486 mbs2/x86_64/lib64freerdp1-1.0.2-2.1.mbs2.x86_64.rpm
9831f499aa56d22a3012d04fb3b5d31a mbs2/x86_64/lib64freerdp-devel-1.0.2-2.1.mbs2.x86_64.rpm
50d7514ee73b7e94b59a7c6053ebf5f3 mbs2/SRPMS/freerdp-1.0.2-2.1.mbs2.src.rpm

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/en/support/security/advisories/

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iD8DBQFVGP1tmqjQ0CJFipgRAmNaAJsFy2WJu72gb3bk1QJhlB8iuseBhwCfT1UL
hevoqNTXZrFYtL2kJ+i8YwA=
=SiWj
-----END PGP SIGNATURE-----

Related

nessus 11
mageia 1
openvas 7
prion 2
debiancve 2
gentoo 1
cve 2
ubuntucve 2
securityvulns 1
seebug 1
ubuntu 1
osv 1
debian 1
nessus
nessus
openSUSE Security Update : freerdp (openSUSE-SU-2014:0862-1)
2014-07-02 00:00:00
EulerOS 2.0 SP5 : freerdp (EulerOS-SA-2019-2147)
2019-11-12 00:00:00
Mandriva Linux Security Advisory : freerdp (MDVSA-2015:171)
2015-03-31 00:00:00
mageia
mageia
Updated freerdp packages fix two vulnerabilities
2014-07-09 02:41:00
openvas
openvas
Huawei EulerOS: Security Advisory for freerdp (EulerOS-SA-2019-2147)
2020-01-23 00:00:00
Mageia: Security Advisory (MGASA-2014-0287)
2022-01-28 00:00:00
Gentoo Security Advisory GLSA 201412-18
2015-09-29 00:00:00
prion
prion
Integer overflow
2014-11-16 17:59:00
Integer overflow
2014-01-03 18:54:00
debiancve
debiancve
CVE-2014-0250
2014-11-16 17:59:00
CVE-2014-0791
2014-01-03 18:54:00
gentoo
gentoo
FreeRDP: User-assisted execution of arbitrary code
2014-12-13 00:00:00
cve
cve
CVE-2014-0250
2014-11-16 17:59:00
CVE-2014-0791
2014-01-03 18:54:00
ubuntucve
ubuntucve
CVE-2014-0250
2014-11-16 00:00:00
CVE-2014-0791
2014-01-03 00:00:00
securityvulns
securityvulns
FreeRDP integer overflow
2015-04-13 00:00:00
seebug
seebug
FreeRDP license_read_scope_list函数整数溢出漏洞
2014-01-07 00:00:00
ubuntu
ubuntu
FreeRDP vulnerabilities
2017-08-07 00:00:00
osv
osv
freerdp - security update
2020-08-30 00:00:00
debian
debian
[SECURITY] [DLA 2356-1] freerdp security update
2020-08-29 23:51:52
JSON
Related for SECURITYVULNS:DOC:31909
nessus11mageia1openvas7prion2debiancve2gentoo1cve2ubuntucve2securityvulns1seebug1ubuntu1osv1debian1