FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer Overflow in function update_read_bitmap_update() and results in a memory corruption and probably even a remote code execution. A flaw was found in freerdp in versions prior to version 2.0.0-rc4. An integer truncation that leads to a heap-based buffer overflow in the update_read_bitmap_update() function results in a memory corruption. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center