9.3

CVE-2008-1803

Exploit
Integer signedness error in the xrealloc function (rdesktop.c) in RDesktop 1.5.0 allows remote attackers to execute arbitrary code via unknown parameters that trigger a heap-based overflow.  NOTE: the role of the channel_process function was not specified by the original researcher.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
RdesktopRdesktop Version1.5.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 6.74% 0.931
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/30118
Vendor Advisory
http://secunia.com/advisories/30248
Vendor Advisory
http://secunia.com/advisories/30713
Vendor Advisory
http://secunia.com/advisories/31224
Vendor Advisory
http://secunia.com/advisories/31928
Vendor Advisory
http://security.gentoo.org/glsa/glsa-200806-04.xml
http://sunsolve.sun.com/search/document.do?assetkey=1-26-240708-1
http://support.avaya.com/elmodocs2/security/ASA-2008-360.htm
http://www.debian.org/security/2008/dsa-1573
http://www.mandriva.com/security/advisories?name=MDVSA-2008:101
http://www.redhat.com/archives/fedora-package-announce/2008-May/msg00244.html
http://www.redhat.com/archives/fedora-package-announce/2008-May/msg00270.html
http://www.redhat.com/archives/fedora-package-announce/2008-May/msg00296.html
http://www.redhat.com/support/errata/RHSA-2008-0575.html
Vendor Advisory
http://www.securityfocus.com/bid/29097
http://www.ubuntu.com/usn/usn-646-1
http://www.vupen.com/english/advisories/2008/1467/references
Vendor Advisory
http://www.vupen.com/english/advisories/2008/2403
Vendor Advisory
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=698
http://rdesktop.cvs.sourceforge.net/rdesktop/rdesktop/rdesktop.c?r1=1.161&r2=1.162&pathrev=HEAD
Exploit
http://sourceforge.net/mailarchive/message.php?msg_name=20080511065217.GA24455%40cse.unsw.EDU.AU
Patch
http://www.securitytracker.com/id?1019992
https://exchange.xforce.ibmcloud.com/vulnerabilities/42277
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9800