FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress() that results in a memory corruption and probably even a remote code execution.
{ "vanir_signatures": [ { "digest": { "threshold": 0.9, "line_hashes": [ "171318857615434305103868353373347401026", "126879061704302225276850893636598577061", "288643554774339084636302020916721372641", "159575444503892091637188374424194233139", "125803571012187168895245295538840102256", "108301676587632000074685429447527943786", "89964981123251029047856481982713146609", "28465286330426044407674087024628006927", "193279538454069526369357701508561593718", "255025816971852424310420464121101197015", "187165041423917341570922348636573559671", "297328310955153656922954370780556935392", "114946725377952051774154391136204482136", "281565084121182456440438764274530564272", "169132286192010401475866937038799914034", "21022000495400926784530149428950853035", "194185210989642556862374418840857631169", "290394900242427724301642579796475088070", "63040545597896007387126346079048702373", "22947327746539632036195003880151043527", "271294670260486936320213940862031675261", "40276754901763998729403347250462254840", "282953022741559062865115942210257831115", "218481686813916003269010678079394500200", "138285938561986672094772847282166150604", "82154962552781615333622910154204477798" ] }, "deprecated": false, "signature_type": "Line", "source": "https://github.com/freerdp/freerdp/commit/602f4a2e14b41703b5f431de3154cd46a5750a2d", "id": "CVE-2018-8785-3d6dbd58", "signature_version": "v1", "target": { "file": "include/freerdp/codec/zgfx.h" } }, { "digest": { "threshold": 0.9, "line_hashes": [ "211914859406272048573373643485869386910", "316350969647573345033485944242927935086", "153924358498147806064550232867249625971", "126773402608693904588725442629026589446", "108555450789418878317743574318509310160", "249444082236265128818936789362674969404", "43524453607316201734781905139916788412", "48704473415701958551739302285835797960", "11746768229264577638097488343907716083", "225093502494380624320366450649808787381", "198164708002154154246585153268708514531", "134026908840211233980241665155009683149", "138250544759356659348855944840383257036", "210485603361963462901156634949968695014", "100840972518471233083017063461192225496", "70288751856035211943902779333071366924", "177574237666916054501961411928866636758", "161221231866629027214656856789443898455", "101872172283870639836839087345183776244", "183004235591668635388793416221527180952", "298437649471649633217563878836004963970", "162385472100725117259729598207822881628", "41129031060202863644482772229506692175", "163544055115317878678278670022642165044", "44557879043890664797803257575318115529", "248742884465377031765431311570760123739", "7208140483740697429081407101494720205", "250513356280408871578634457956152772412", "204253732601500993850061503682101931295", "317842043031219052224841167671528814571", "61629990090585689138645113265582666227", "72487069367910799934599230940372489812", "32115507658897446478508603880977138723", "250190675394565693826732313645398674976", "134205791729633565030808541705002392880", "37932144653196509795294570565074252538", "173730070127955936737766131057075985370", "322911572113625092808556063360395738938", "312520690869848661702533878685298524250", "232327484580217803780027448402567734932", "338462065946862999126197961769730097949", "29450727171727428683931461226081381870", "157180894746439829196264389133068891759", "28817316948103371617366834546336744576" ] }, "deprecated": false, "signature_type": "Line", "source": "https://github.com/freerdp/freerdp/commit/602f4a2e14b41703b5f431de3154cd46a5750a2d", "id": "CVE-2018-8785-4107a888", "signature_version": "v1", "target": { "file": "libfreerdp/codec/zgfx.c" } }, { "digest": { "function_hash": "125155827918534110536639891402660234831", "length": 2501.0 }, "deprecated": false, "signature_type": "Function", "source": "https://github.com/freerdp/freerdp/commit/602f4a2e14b41703b5f431de3154cd46a5750a2d", "id": "CVE-2018-8785-53557f21", "signature_version": "v1", "target": { "file": "libfreerdp/codec/zgfx.c", "function": "zgfx_decompress_segment" } }, { "digest": { "function_hash": "291893467602469246699847469917400173775", "length": 1342.0 }, "deprecated": false, "signature_type": "Function", "source": "https://github.com/freerdp/freerdp/commit/602f4a2e14b41703b5f431de3154cd46a5750a2d", "id": "CVE-2018-8785-b37ca04e", "signature_version": "v1", "target": { "file": "libfreerdp/codec/zgfx.c", "function": "zgfx_decompress" } } ] }