Rdesktop: >> Rdesktop >> 1.5.0 Security Vulnerabilities
Integer signedness error in the xrealloc function (rdesktop.c) in RDesktop 1.5.0 allows remote attackers to execute arbitrary code via unknown parameters that trigger a heap-based overflow. NOTE: the role of the channel_process function was not specified by the original researcher.
CVSS Score
9.3
EPSS Score
0.115
Published
2008-05-12
Integer underflow in the iso_recv_msg function (iso.c) in rdesktop 1.5.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Remote Desktop Protocol (RDP) request with a small length field.
CVSS Score
9.3
EPSS Score
0.345
Published
2008-05-12
Buffer overflow in the process_redirect_pdu (rdp.c) function in rdesktop 1.5.0 allows remote attackers to execute arbitrary code via a Remote Desktop Protocol (RDP) redirect request with modified length fields.
CVSS Score
9.3
EPSS Score
0.343
Published
2008-05-12
Page 3