CVE-2018-8788
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2018-8788
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-8788.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2018-8788
- Downstream
- Related
- Published
- 2018-11-29T18:29:00Z
- Modified
- 2025-09-19T10:12:00.087487Z
- Severity
-
- 9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
FreeRDP prior to version 2.0.0-rc4 contains an Out-Of-Bounds Write of up to 4 bytes in function nscrledecode() that results in a memory corruption and possibly even a remote code execution.
- References
-
- http://www.securityfocus.com/bid/106938
- https://access.redhat.com/errata/RHSA-2019:0697
- https://github.com/FreeRDP/FreeRDP/commit/d1112c279bd1a327e8e4d0b5f371458bf2579659
- https://lists.debian.org/debian-lts-announce/2019/02/msg00015.html
- https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/
- https://usn.ubuntu.com/3845-1/
- https://usn.ubuntu.com/3845-2/
Affected packages
Git / github.com/freerdp/freerdp
Affected ranges
- Type
- GIT
- Repo
- https://github.com/freerdp/freerdp
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
1.*
1.0-beta1
1.0-beta2
1.0-beta3
1.0-beta4
1.0-beta5
1.0.0
1.0.1
1.1.0-beta+2013071101
1.1.0-beta1
1.1.0-beta1+android2
1.1.0-beta1+android3
1.1.0-beta1+android4
1.1.0-beta1+android5
1.1.0-beta1+ios1
1.1.0-beta1+ios2
1.1.0-beta1+ios3
1.1.0-beta1+ios4
1.2.0-beta1+android7
1.2.0-beta1+android9
2.*
2.0.0-beta1+android10
2.0.0-beta1+android11
2.0.0-rc0
2.0.0-rc1
2.0.0-rc2
2.0.0-rc3
Database specific
{
"vanir_signatures": [
{
"digest": {
"function_hash": "153779848183198554469071064383973258896",
"length": 173.0
},
"signature_type": "Function",
"source": "https://github.com/freerdp/freerdp/commit/d1112c279bd1a327e8e4d0b5f371458bf2579659",
"target": {
"file": "libfreerdp/codec/nsc_encode.c",
"function": "nsc_encode"
},
"signature_version": "v1",
"deprecated": false,
"id": "CVE-2018-8788-23aa7b34"
},
{
"digest": {
"function_hash": "183190401100073932234652218872452737441",
"length": 184.0
},
"signature_type": "Function",
"source": "https://github.com/freerdp/freerdp/commit/d1112c279bd1a327e8e4d0b5f371458bf2579659",
"target": {
"file": "libfreerdp/codec/nsc_sse2.c",
"function": "nsc_encode_sse2"
},
"signature_version": "v1",
"deprecated": false,
"id": "CVE-2018-8788-3ef9df0a"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"251630711006710860952413173432532319688",
"156784550449438806484243873020465710664"
]
},
"signature_type": "Line",
"source": "https://github.com/freerdp/freerdp/commit/d1112c279bd1a327e8e4d0b5f371458bf2579659",
"target": {
"file": "libfreerdp/codec/nsc_encode.h"
},
"signature_version": "v1",
"deprecated": false,
"id": "CVE-2018-8788-485116c8"
},
{
"digest": {
"function_hash": "270014686175006182219932267633982939439",
"length": 760.0
},
"signature_type": "Function",
"source": "https://github.com/freerdp/freerdp/commit/d1112c279bd1a327e8e4d0b5f371458bf2579659",
"target": {
"file": "libfreerdp/codec/nsc_encode.c",
"function": "nsc_rle_encode"
},
"signature_version": "v1",
"deprecated": false,
"id": "CVE-2018-8788-4bd3a929"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"199857630912290053543480281601678841408",
"330198608795548772319316461979962803884",
"202445436277952859048474576866872535555",
"218427036957473197678287263987397634485",
"211750335253927892689538128008455750441",
"99518285033660664578058667491821322397",
"208129161944235377440280469238819184198",
"24616812033448469249591500144892651140",
"43126985493216962160082988580413329053",
"58085398783916996569753855595055426665",
"215896063168995299710365966588128755066",
"136318252041871473466674427701716177676",
"148399837862449252434309120489164338232",
"330805115574644854058909494202857309701",
"130224248535907241741244368658398493627",
"279483866337519271529515956813832629208",
"261486833743923877283372976238475436085",
"326241086413900551096446571796662991113",
"89171027015402434193319753862239180947",
"264479514853566763007256815835281541105",
"277365197021940048869104149355278186300",
"170676294385238679461467958636781240925",
"234972352042181213051069135044821643325",
"329691312363831554373297380914014969302",
"274717222167819021656828134811466378178",
"144759593171973645545918270352161681046",
"99017924690506960048951402103750887295",
"233215932084918540447428237332688118273",
"131658923163234174706423814858129568349",
"263430739651279079444077194796777944055",
"286744775324570684718097827434296962609",
"184692035697531891948963056360059242045",
"329691312363831554373297380914014969302",
"102871964496660955983405191705737314490",
"112486682121447833052855295420093366937",
"275855513369653447579113968729864345551",
"291888351570907347126782271328247394910",
"259076878536795869183943061934629718059",
"301273184386804341695951194938967188025",
"38257492272442670681088314206018798001",
"179006498863953408953216390622262319618",
"164451855427896433918063621089400395951",
"290731206052233925304823867534634651694",
"7811135701079214274181820449891492111",
"267305569154448931765770033736449264300",
"186915298742350286714785642172576800972",
"115688272675072459357822691699223277",
"235966990232624925191961490190432737368",
"96215636595027237934496435223576366336",
"203908187818365350748845426823203887100",
"107077210039852953600690779628125154814",
"110375171655276926009715741326363671794",
"320903686120244138686815636274436343533",
"113762922630013544748062043573413763251",
"150703908648141559690797735080339409587",
"258334716102458910360854237582829370134",
"267188214303811421774897820317301880172",
"281309842215083752013146618311718338933",
"172635236269271185889033843215242254130",
"269701789928691321052688134552412726862",
"159608044722055190502114665814682882658",
"117347298332285172328645853344630617895",
"55329549516677260917274087047080721259",
"181935580118841992340014087981245377157",
"336207592796827669366347498858395614765"
]
},
"signature_type": "Line",
"source": "https://github.com/freerdp/freerdp/commit/d1112c279bd1a327e8e4d0b5f371458bf2579659",
"target": {
"file": "libfreerdp/codec/nsc.c"
},
"signature_version": "v1",
"deprecated": false,
"id": "CVE-2018-8788-5d28ee5d"
},
{
"digest": {
"function_hash": "258876766771927297170980464970390710080",
"length": 956.0
},
"signature_type": "Function",
"source": "https://github.com/freerdp/freerdp/commit/d1112c279bd1a327e8e4d0b5f371458bf2579659",
"target": {
"file": "libfreerdp/codec/nsc_encode.c",
"function": "nsc_encode_subsampling"
},
"signature_version": "v1",
"deprecated": false,
"id": "CVE-2018-8788-8831a007"
},
{
"digest": {
"function_hash": "331308770892357597774093220488362837927",
"length": 3518.0
},
"signature_type": "Function",
"source": "https://github.com/freerdp/freerdp/commit/d1112c279bd1a327e8e4d0b5f371458bf2579659",
"target": {
"file": "libfreerdp/codec/nsc_encode.c",
"function": "nsc_encode_argb_to_aycocg"
},
"signature_version": "v1",
"deprecated": false,
"id": "CVE-2018-8788-8838b45e"
},
{
"digest": {
"function_hash": "240902708551999227469971773884090101199",
"length": 1388.0
},
"signature_type": "Function",
"source": "https://github.com/freerdp/freerdp/commit/d1112c279bd1a327e8e4d0b5f371458bf2579659",
"target": {
"file": "libfreerdp/codec/nsc.c",
"function": "nsc_decode"
},
"signature_version": "v1",
"deprecated": false,
"id": "CVE-2018-8788-94a45592"
},
{
"digest": {
"function_hash": "257261737435506976399870108356498395822",
"length": 535.0
},
"signature_type": "Function",
"source": "https://github.com/freerdp/freerdp/commit/d1112c279bd1a327e8e4d0b5f371458bf2579659",
"target": {
"file": "libfreerdp/codec/nsc.c",
"function": "nsc_rle_decode"
},
"signature_version": "v1",
"deprecated": false,
"id": "CVE-2018-8788-9a71d064"
},
{
"digest": {
"function_hash": "93432185138692238391241530873005266042",
"length": 1331.0
},
"signature_type": "Function",
"source": "https://github.com/freerdp/freerdp/commit/d1112c279bd1a327e8e4d0b5f371458bf2579659",
"target": {
"file": "libfreerdp/codec/nsc.c",
"function": "nsc_process_message"
},
"signature_version": "v1",
"deprecated": false,
"id": "CVE-2018-8788-da16c884"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"56045253510138684014224104095184001513",
"227420233783145223250576119819084396605",
"208126602105319765743322395146602028674",
"186150970492099727904430578278624477838",
"32739204520488018446571574348596998810",
"156925474142025643710644283484336298401",
"23744351049121846459431389644137636124",
"214243943584544523658700996961941921769",
"245663713878422042526714642957297695237",
"90619760479273182163599072637661886026",
"93704165959899123225625970044293973466",
"318602618143592954148480282555055137809",
"153701503662446670479635453719169352492",
"42848040597228094294709493235831460839",
"261935044118223929835413858926330236995",
"302603430312748168044386906530946771836",
"140094917416302322432085512183820039188",
"171469106905677360965055574701230651616",
"152306154986516979325237217613588517096",
"338273242463338355590881099880322563473",
"310335208115246409146651769890598726896",
"117260482525903104469259957790038501772",
"338791302603063748869594166399238925099",
"51379396798867065444903233318094890130",
"78033199751529383444137952636177133016",
"260689709102210591519259674394470314980",
"91683339090183998587216408295772998280",
"337541956785267116286844487191339759021",
"278802978502692824988299051299888280751",
"6135362478245193984470362757183261869",
"106343706450485923602276391689111898777",
"118492034057565962443122288714799214931",
"40290205715053693218545034987403232215",
"255971070217369417381765052875459783122",
"15936584011792094944591865562988852025",
"301936206682720882839454257176067926536",
"283180361078903196964765854869910262759",
"27363097212474212154155706390241772711",
"238514422455458553809752803001787309831",
"308482240060373860296820128477194612198",
"293552741081402829959236698984665518651",
"313704824905750594974267742264604004559",
"318758839935014394778868548429779237936",
"282242645858892376951459031390576825536",
"193303673281068950636447747822828872819",
"53227618909284473445248656854978785199",
"71239215805224662685908032065532410417",
"120779148217239610422922208590961086292",
"155574028595659173432045330182270172639",
"324100554776889696205784759911198947743",
"198079008144103281096463721601107485674",
"91866373795616614923851822135094494490",
"181531708044835765381189487249928160677",
"339176017670310760582482388573464492874",
"140808014630713554125678382660145919209",
"299496419647060033995334860515732099651"
]
},
"signature_type": "Line",
"source": "https://github.com/freerdp/freerdp/commit/d1112c279bd1a327e8e4d0b5f371458bf2579659",
"target": {
"file": "libfreerdp/codec/nsc_encode.c"
},
"signature_version": "v1",
"deprecated": false,
"id": "CVE-2018-8788-de53e3e6"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"113528764379999438712018936343963904580",
"326087039761711864188055431139601849564",
"71595736511448688561679201112150588368",
"124948334834587059739065259140530744624",
"200308752870570885491877472979454962186"
]
},
"signature_type": "Line",
"source": "https://github.com/freerdp/freerdp/commit/d1112c279bd1a327e8e4d0b5f371458bf2579659",
"target": {
"file": "include/freerdp/codec/nsc.h"
},
"signature_version": "v1",
"deprecated": false,
"id": "CVE-2018-8788-f7b6fc7d"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"282538665466594700754111343237489935872",
"255104181640590233291356893777156867482",
"263015485192846196844728314659163223323",
"311625044519681101301887197458615941273",
"72725749595295521422998398660782490202",
"93027489240270621727733737324813136603",
"212566509445988550553053683032276607816",
"211545857531318053561990747283160357443"
]
},
"signature_type": "Line",
"source": "https://github.com/freerdp/freerdp/commit/d1112c279bd1a327e8e4d0b5f371458bf2579659",
"target": {
"file": "libfreerdp/codec/nsc_sse2.c"
},
"signature_version": "v1",
"deprecated": false,
"id": "CVE-2018-8788-ffa6da99"
},
{
"digest": {
"function_hash": "293343293402794219159488477140213111629",
"length": 486.0
},
"signature_type": "Function",
"source": "https://github.com/freerdp/freerdp/commit/d1112c279bd1a327e8e4d0b5f371458bf2579659",
"target": {
"file": "libfreerdp/codec/nsc.c",
"function": "nsc_rle_decompress_data"
},
"signature_version": "v1",
"deprecated": false,
"id": "CVE-2018-8788-fffa9b89"
}
]
}