CVE-2008-1803

Priority
Low
Description
Integer signedness error in the xrealloc function (rdesktop.c) in RDesktop
1.5.0 allows remote attackers to execute arbitrary code via unknown
parameters that trigger a heap-based overflow. NOTE: the role of the
channel_process function was not specified by the original researcher.
References
Bugs
Assigned-to
jdstrand
Package
Upstream:released (1.5.0-4+cvs20071006)
Ubuntu 8.04 LTS (Hardy Heron):released (1.5.0-3+cvs20071006ubuntu0.1)
Patches:
Vendor:http://www.debian.org/security/2008/dsa-1573
More Information

Valid XHTML 1.0 Strict

Updated: 2012-06-01 15:18:45 UTC (commit 5347)