DescriptionInteger signedness error in the xrealloc function (rdesktop.c) in RDesktop 1.5.0 allows remote attackers to execute arbitrary code via unknown parameters that trigger a heap-based overflow. NOTE: the role of the channel_process function was not specified by the original researcher.
Overall state of this security issue: Resolved
This issue is currently rated as having moderate severity.
|National Vulnerability Database|
SUSE Security Advisories:
- SUSE-SA:2008:041, published Thu, 14 Aug 2008 18:00:00 +0000
List of released packages
|Product(s)||Fixed package version(s)||References|
|openSUSE Tumbleweed|| ||Patchnames: |
openSUSE Tumbleweed GA rdesktop-1.9.0-4.6
SUSE Timeline for this CVECVE page created: Fri Jun 28 03:48:11 2013
CVE page last modified: Fri Oct 7 12:45:41 2022