CVE-2008-5904

Common Vulnerabilities and Exposures

CVE-2008-5904 at MITRE

Details

The rdp_rdp_process_color_pointer_pdu function in rdp/rdp_rdp.c in xrdp 0.4.1 and earlier allows remote RDP servers to have an unknown impact via input data that sets crafted values for certain length variables, leading to a buffer overflow.

Novell Bugzilla entry: 450898

SUSE Security Advisories:

SUSE-SR:2009:003, published Mon, 02 Feb 2009 16:30:00 +0000
SUSE-SR:2009:003 , published Mon, 02 Feb 2009 16:30:00 +0000

Product(s)	Fixed package version(s)	References
openSUSE 11.1	`xrdp-debuginfo >= 0.4.1-16.6.2` `xrdp-debugsource >= 0.4.1-16.6.2`	SAT Patch Nr: 453
openSUSE 11.1	`xrdp >= 0.4.1-16.6.2`	SAT Patch Nr: 453
openSUSE 11.1	`xrdp-debuginfo >= 0.4.1-16.7.1` `xrdp-debugsource >= 0.4.1-16.7.1`	SAT Patch Nr: 458
openSUSE 11.1	`xrdp >= 0.4.1-16.7.1`	SAT Patch Nr: 458