Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2014-0250

Published: 16 November 2014

Multiple integer overflows in client/X11/xf_graphics.c in FreeRDP allow remote attackers to have an unspecified impact via the width and height to the (1) xf_Pointer_New or (2) xf_Bitmap_Decompress function, which causes an incorrect amount of memory to be allocated.

Priority

Low

Status

Package Release Status
freerdp
Launchpad, Ubuntu, Debian 		lucid Does not exist

precise Ignored
(end of life)
saucy Ignored
(end of life)
trusty
Released (1.0.2-2ubuntu1.1)
upstream Needs triage

utopic Ignored
(end of life)
vivid Ignored
(end of life)
wily Ignored
(end of life)
xenial Not vulnerable
(1.1.0~git20140921.1.440916e+dfsg1-5ubuntu1)
yakkety Ignored
(end of life)
zesty Not vulnerable
(1.1.0~git20140921.1.440916e+dfsg1-10ubuntu1)
Patches:
upstream: https://github.com/FreeRDP/FreeRDP/commit/532c42052a0b4769071cdcf08f03970de95390ab
upstream: https://github.com/FreeRDP/FreeRDP/commit/640b90139622c9a8ac8a959066ef9d0c09936876
upstream: https://github.com/FreeRDP/FreeRDP/commit/61a58532dbb0b8d8654446b7fbb23cbeabae2e8c
upstream: https://github.com/FreeRDP/FreeRDP/commit/07e0eba7dbf3522e749da28fb55e3921d72d9b6b
vendor: https://bugzilla.novell.com/show_bug.cgi?id=CVE-2014-0250

References

Bugs

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Further reading