Vulnerability CVE-2018-20174: Information
Description
rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in the function ui_clip_handle_data() that results in an information leak.
Severity: HIGH (7.5) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
---|---|---|---|---|---|---|
rdesktop | sisyphus | 1.8.4-alt1 | 1.9.0-alt1 | ALT-PU-2019-2898-1 | 239159 | Fixed |
rdesktop | p10 | 1.8.4-alt1 | 1.9.0-alt1 | ALT-PU-2019-2898-1 | 239159 | Fixed |
rdesktop | p9 | 1.9.0-alt1 | 1.9.0-alt1 | ALT-PU-2020-1636-1 | 248614 | Fixed |
rdesktop | c10f1 | 1.8.4-alt1 | 1.9.0-alt1 | ALT-PU-2019-2898-1 | 239159 | Fixed |
rdesktop | c9f2 | 1.9.0-alt1 | 1.9.0-alt1 | ALT-PU-2020-1636-1 | 248614 | Fixed |