FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

freerdp -- multiple vulnerabilities

Affected packages
freerdp < 2.9.0

Details

VuXML ID 1f0421b1-8398-11ed-973d-002b67dfc673
Discovery 2022-12-24
Entry 2022-12-24

FreeRDP reports:

GHSA-5w4j-mrrh-jjrm: Out of bound read in zgfx decoder.

GHSA-99cm-4gw7-c8jh: Undefined behaviour in zgfx decoder.

GHSA-387j-8j96-7q35: Division by zero in urbdrc channel.

GHSA-mvxm-wfj2-5fvh: Missing length validation in urbdrc channel.

GHSA-qfq2-82qr-7f4j: Heap buffer overflow in urbdrc channel.

GHSA-c5xq-8v35-pffg: Missing path sanitation with `drive` channel.

GHSA-pmv3-wpw4-pw5h: Missing input length validation in `drive` channel.

[source]

References

CVE Name CVE-2022-39316
CVE Name CVE-2022-39317
CVE Name CVE-2022-39318
CVE Name CVE-2022-39319
CVE Name CVE-2022-39320
CVE Name CVE-2022-39347
CVE Name CVE-2022-41877
URL https://nvd.nist.gov/vuln/detail/CVE-2022-39316
URL https://nvd.nist.gov/vuln/detail/CVE-2022-39317
URL https://nvd.nist.gov/vuln/detail/CVE-2022-39318
URL https://nvd.nist.gov/vuln/detail/CVE-2022-39319
URL https://nvd.nist.gov/vuln/detail/CVE-2022-39320
URL https://nvd.nist.gov/vuln/detail/CVE-2022-39347
URL https://nvd.nist.gov/vuln/detail/CVE-2022-41877

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.