| Errata ID | 441 |
|---|---|
| Date | 2019-02-27 |
| Source package | rdesktop |
| Fixed in version | 1.8.4-1~deb9u1 |
| Description | This update addresses the following issues: * Minor information leak in rdpdr_process (CVE-2018-8791) * Denial of Service in cssp_read_tsrequest (CVE-2018-8792) * Remote code execution in cssp_read_tsrequest (CVE-2018-8793) * Memory corruption in process_bitmap_data (CVE-2018-8794) * Remote code execution in process_bitmap_data (CVE-2018-8795) * Denial of Service in process_bitmap_data (CVE-2018-8796) * Remote code execution in process_plane (CVE-2018-8797) * Minor information leak in rdpsnd_process_ping (CVE-2018-8798) * Denial of Service in process_secondary_order (CVE-2018-8799) * Remote code execution in ui_clip_handle_data (CVE-2018-8800) * Information leak in ui_clip_handle_data (CVE-2018-20174) * Denial of Service in mcs_recv_connect_response and mcs_parse_domain_params (CVE-2018-20175) * Denial of Service in sec_parse_crypt_info and sec_recv (CVE-2018-20176) * Memory corruption in rdp_in_unistr (CVE-2018-20177) * Denial of Service in process_demand_active (CVE-2018-20178) * Remote code execution in lspci_process (CVE-2018-20179) * Remote code execution in rdpsnddbg_process (CVE-2018-20180) * Remote code execution in seamless_process (CVE-2018-20181) * Remote code execution in seamless_process_line (CVE-2018-20182) |
| Additional notes | |
| CVE ID | CVE-2018-8791 CVE-2018-8792 CVE-2018-8793 CVE-2018-8794 CVE-2018-8795 CVE-2018-8796 CVE-2018-8797 CVE-2018-8798 CVE-2018-8799 CVE-2018-8800 CVE-2018-20174 CVE-2018-20175 CVE-2018-20176 CVE-2018-20177 CVE-2018-20178 CVE-2018-20179 CVE-2018-20180 CVE-2018-20181 CVE-2018-20182 |
| UCS Bug number | #48776 |
