CVE-2014-0250

Priority
Low
Description
Multiple integer overflows in client/X11/xf_graphics.c in FreeRDP allow
remote attackers to have an unspecified impact via the width and height to
the (1) xf_Pointer_New or (2) xf_Bitmap_Decompress function, which causes
an incorrect amount of memory to be allocated.
References
Bugs
Assigned-to
mdeslaur
Package
Upstream:needs-triage
Ubuntu 17.10 (Artful Aardvark):not-affected (1.1.0~git20140921.1.440916e+dfsg1-10ubuntu1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was needed)
Ubuntu 14.04 LTS (Trusty Tahr):released (1.0.2-2ubuntu1.1)
Ubuntu Core 15.04:DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (1.1.0~git20140921.1.440916e+dfsg1-5ubuntu1)
Ubuntu 17.04 (Zesty Zapus):not-affected (1.1.0~git20140921.1.440916e+dfsg1-10ubuntu1)
Patches:
Upstream:https://github.com/FreeRDP/FreeRDP/commit/532c42052a0b4769071cdcf08f03970de95390ab
Upstream:https://github.com/FreeRDP/FreeRDP/commit/640b90139622c9a8ac8a959066ef9d0c09936876
Upstream:https://github.com/FreeRDP/FreeRDP/commit/61a58532dbb0b8d8654446b7fbb23cbeabae2e8c
Upstream:https://github.com/FreeRDP/FreeRDP/commit/07e0eba7dbf3522e749da28fb55e3921d72d9b6b
Vendor:https://bugzilla.novell.com/show_bug.cgi?id=CVE-2014-0250
More Information

Updated: 2017-08-11 23:51:38 UTC (commit 13081)