suse · CVE-2018-8787

Quick triage

Priority: high Published: 2021-05-30 14:11:56 UTC Updated: 2026-04-17 15:29:16 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2018-8787 severity important: SUSE including 78 source package names (freerdp-1.0.2-15.el7_6.1, freerdp-2.0.0~git.1463131968.4e66df7-12.8.1, …), 95 product×package rows across 20 product lines (SUSE Liberty Linux 7, SUSE Linux Enterprise Desktop 12 SP3, … (20 product lines)): Fixed 95.

Description:

FreeRDP prior to version 2.0.0-rc4 contains an Integer Overflow that leads to a Heap-Based Buffer Overflow in function gdi_Bitmap_Decompress() and results in a memory corruption and probably even a remote code execution.

cvelogic Threat Intelligence