CVE-2018-8785

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2018-8785
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-8785.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2018-8785
Downstream
Related
Published
2018-11-29T18:29:00Z
Modified
2025-09-19T10:11:52.337789Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress() that results in a memory corruption and probably even a remote code execution.

References

Affected packages

Git / github.com/freerdp/freerdp

Affected ranges

Type
GIT
Repo
https://github.com/freerdp/freerdp
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
602f4a2e14b41703b5f431de3154cd46a5750a2d

Affected versions

1.*

1.0-beta1
1.0-beta2
1.0-beta3
1.0-beta4
1.0-beta5
1.0.0
1.0.1
1.1.0-beta+2013071101
1.1.0-beta1
1.1.0-beta1+android2
1.1.0-beta1+android3
1.1.0-beta1+android4
1.1.0-beta1+android5
1.1.0-beta1+ios1
1.1.0-beta1+ios2
1.1.0-beta1+ios3
1.1.0-beta1+ios4
1.2.0-beta1+android7
1.2.0-beta1+android9

2.*

2.0.0-beta1+android10
2.0.0-beta1+android11
2.0.0-rc0
2.0.0-rc1
2.0.0-rc2
2.0.0-rc3

Database specific 

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "171318857615434305103868353373347401026",
                    "126879061704302225276850893636598577061",
                    "288643554774339084636302020916721372641",
                    "159575444503892091637188374424194233139",
                    "125803571012187168895245295538840102256",
                    "108301676587632000074685429447527943786",
                    "89964981123251029047856481982713146609",
                    "28465286330426044407674087024628006927",
                    "193279538454069526369357701508561593718",
                    "255025816971852424310420464121101197015",
                    "187165041423917341570922348636573559671",
                    "297328310955153656922954370780556935392",
                    "114946725377952051774154391136204482136",
                    "281565084121182456440438764274530564272",
                    "169132286192010401475866937038799914034",
                    "21022000495400926784530149428950853035",
                    "194185210989642556862374418840857631169",
                    "290394900242427724301642579796475088070",
                    "63040545597896007387126346079048702373",
                    "22947327746539632036195003880151043527",
                    "271294670260486936320213940862031675261",
                    "40276754901763998729403347250462254840",
                    "282953022741559062865115942210257831115",
                    "218481686813916003269010678079394500200",
                    "138285938561986672094772847282166150604",
                    "82154962552781615333622910154204477798"
                ]
            },
            "deprecated": false,
            "signature_type": "Line",
            "source": "https://github.com/freerdp/freerdp/commit/602f4a2e14b41703b5f431de3154cd46a5750a2d",
            "id": "CVE-2018-8785-3d6dbd58",
            "signature_version": "v1",
            "target": {
                "file": "include/freerdp/codec/zgfx.h"
            }
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "211914859406272048573373643485869386910",
                    "316350969647573345033485944242927935086",
                    "153924358498147806064550232867249625971",
                    "126773402608693904588725442629026589446",
                    "108555450789418878317743574318509310160",
                    "249444082236265128818936789362674969404",
                    "43524453607316201734781905139916788412",
                    "48704473415701958551739302285835797960",
                    "11746768229264577638097488343907716083",
                    "225093502494380624320366450649808787381",
                    "198164708002154154246585153268708514531",
                    "134026908840211233980241665155009683149",
                    "138250544759356659348855944840383257036",
                    "210485603361963462901156634949968695014",
                    "100840972518471233083017063461192225496",
                    "70288751856035211943902779333071366924",
                    "177574237666916054501961411928866636758",
                    "161221231866629027214656856789443898455",
                    "101872172283870639836839087345183776244",
                    "183004235591668635388793416221527180952",
                    "298437649471649633217563878836004963970",
                    "162385472100725117259729598207822881628",
                    "41129031060202863644482772229506692175",
                    "163544055115317878678278670022642165044",
                    "44557879043890664797803257575318115529",
                    "248742884465377031765431311570760123739",
                    "7208140483740697429081407101494720205",
                    "250513356280408871578634457956152772412",
                    "204253732601500993850061503682101931295",
                    "317842043031219052224841167671528814571",
                    "61629990090585689138645113265582666227",
                    "72487069367910799934599230940372489812",
                    "32115507658897446478508603880977138723",
                    "250190675394565693826732313645398674976",
                    "134205791729633565030808541705002392880",
                    "37932144653196509795294570565074252538",
                    "173730070127955936737766131057075985370",
                    "322911572113625092808556063360395738938",
                    "312520690869848661702533878685298524250",
                    "232327484580217803780027448402567734932",
                    "338462065946862999126197961769730097949",
                    "29450727171727428683931461226081381870",
                    "157180894746439829196264389133068891759",
                    "28817316948103371617366834546336744576"
                ]
            },
            "deprecated": false,
            "signature_type": "Line",
            "source": "https://github.com/freerdp/freerdp/commit/602f4a2e14b41703b5f431de3154cd46a5750a2d",
            "id": "CVE-2018-8785-4107a888",
            "signature_version": "v1",
            "target": {
                "file": "libfreerdp/codec/zgfx.c"
            }
        },
        {
            "digest": {
                "function_hash": "125155827918534110536639891402660234831",
                "length": 2501.0
            },
            "deprecated": false,
            "signature_type": "Function",
            "source": "https://github.com/freerdp/freerdp/commit/602f4a2e14b41703b5f431de3154cd46a5750a2d",
            "id": "CVE-2018-8785-53557f21",
            "signature_version": "v1",
            "target": {
                "file": "libfreerdp/codec/zgfx.c",
                "function": "zgfx_decompress_segment"
            }
        },
        {
            "digest": {
                "function_hash": "291893467602469246699847469917400173775",
                "length": 1342.0
            },
            "deprecated": false,
            "signature_type": "Function",
            "source": "https://github.com/freerdp/freerdp/commit/602f4a2e14b41703b5f431de3154cd46a5750a2d",
            "id": "CVE-2018-8785-b37ca04e",
            "signature_version": "v1",
            "target": {
                "file": "libfreerdp/codec/zgfx.c",
                "function": "zgfx_decompress"
            }
        }
    ]
}