Denial of Service Vulnerability in FreeRDP by FreeRDP Project
CVE-2013-4118

7.5HIGH

Key Information:

Vendor

Freerdp

Status
Freerdp
Vendor
CVE Published:
3 October 2016

What is CVE-2013-4118?

FreeRDP, prior to version 1.1.0-beta1, is susceptible to a denial of service vulnerability that allows remote attackers to exploit unspecified vectors, resulting in a NULL pointer dereference and subsequent application crash. This flaw potentially disrupts service availability and could be leveraged in various attack scenarios.

References

http://www.openwall.com/lists/oss-security/2013/07/11/12
mailing-listx_refsource_MLIST
http://www.openwall.com/lists/oss-security/2013/07/12/2
mailing-listx_refsource_MLIST
http://lists.opensuse.org/opensuse-updates/2016-09/msg001...
vendor-advisoryx_refsource_SUSE

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.