{"id":"CVE-2018-8784","details":"FreeRDP prior to version 2.0.0-rc4 contains a heap-based buffer overflow in the function zgfx_decompress_segment() that results in memory corruption and probably even remote code execution.","modified":"2026-04-16T06:18:34.503400916Z","published":"2018-11-29T18:29:00.803Z","related":["SUSE-SU-2019:0134-1","SUSE-SU-2019:0539-1","SUSE-SU-2020:2272-1","openSUSE-SU-2019:0325-1","openSUSE-SU-2024:10768-1"],"references":[{"type":"ADVISORY","url":"https://usn.ubuntu.com/3845-1/"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/106938"},{"type":"FIX","url":"https://github.com/FreeRDP/FreeRDP/commit/17c363a5162fd4dc77b1df54e48d7bd9bf6b3be7"},{"type":"EVIDENCE","url":"https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/freerdp/freerdp","events":[{"introduced":"0"},{"last_affected":"84f8161897534d9263ffebe43092827d40fc7ffb"},{"introduced":"0"},{"last_affected":"7a7b180277a9c04809bf07a54882d7c33eeeb9f9"},{"introduced":"0"},{"last_affected":"a4f147683db7aa99a6075aeaf7c698bc6ba84d11"},{"fixed":"17c363a5162fd4dc77b1df54e48d7bd9bf6b3be7"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"2.0.0-rc1"},{"introduced":"0"},{"last_affected":"2.0.0-rc2"},{"introduced":"0"},{"last_affected":"2.0.0-rc3"}]}}],"versions":["1.0-beta1","1.0-beta2","1.0-beta4","1.0-beta5","1.0.0","1.0.1","1.1.0-beta+2013071101","1.1.0-beta1","1.1.0-beta1+android2","1.1.0-beta1+android3","1.1.0-beta1+android4","1.1.0-beta1+android5","1.1.0-beta1+ios1","1.1.0-beta1+ios2","1.1.0-beta1+ios3","1.1.0-beta1+ios4","1.2.0-beta1+android7","1.2.0-beta1+android9","2.0.0-beta1+android10","2.0.0-beta1+android11","2.0.0-rc0","2.0.0-rc1","2.0.0-rc2","2.0.0-rc3"],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"1.2.0"}]},{"events":[{"introduced":"0"},{"last_affected":"18.04"}]},{"events":[{"introduced":"0"},{"last_affected":"18.1
0"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-8784.json","vanir_signatures":[{"deprecated":false,"source":"https://github.com/freerdp/freerdp/commit/17c363a5162fd4dc77b1df54e48d7bd9bf6b3be7","digest":{"length":498,"function_hash":"5425658578842756555766032532911221974"},"signature_version":"v1","signature_type":"Function","target":{"function":"zgfx_GetBits","file":"libfreerdp/codec/zgfx.c"},"id":"CVE-2018-8784-3ee578e2"},{"id":"CVE-2018-8784-99d08a87","source":"https://github.com/freerdp/freerdp/commit/17c363a5162fd4dc77b1df54e48d7bd9bf6b3be7","digest":{"line_hashes":["183004235591668635388793416221527180952","308551081678144123828325673808498648805","154313303284566741372749909479475738030","132884302306568066085333383287459666709","262492858770932996240150910068351063854","203702999331377103310646261393761919250","167380914164342764959401217543543095567","13540684346446715777637802021582209554","311891805920254916498775542912402450263","241516527663528718358904487599677710163","97308244726792857383179309575420684207","18665083726635648619654057544017589864","334986266750018248128782574845546139084","26307924798652688742837269370744161570","172851853559149624580627288319374799581","45345896685779517200997882316629828497","264274875738533249388971173521124600956","194011039796460496619575215719090768957","173226611019216288356929805813144347970","259557405479208692191625725125700443687","126584308940012886196255270920460352175","152539648080863676852541452921266141059","170170358519463512489981916209534205080"],"threshold":0.9},"signature_version":"v1","signature_type":"Line","target":{"file":"libfreerdp/codec/zgfx.c"},"deprecated":false},{"deprecated":false,"source":"https://github.com/freerdp/freerdp/commit/17c363a5162fd4dc77b1df54e48d7bd9bf6b3be7","digest":{"length":2505,"function_hash":"322517898482837905962037901991472629201"},"signature_version":"v1","signature_type":"Function","target":{"function":"zgfx_decompress_segm
ent","file":"libfreerdp/codec/zgfx.c"},"id":"CVE-2018-8784-e4341463"}],"vanir_signatures_modified":"2026-04-11T11:39:55Z"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}