{"id":"CVE-2018-8789","details":"FreeRDP prior to version 2.0.0-rc4 contains several Out-Of-Bounds Reads in the NTLM Authentication module that results in a Denial of Service (segfault).","modified":"2026-04-16T06:16:00.987494117Z","published":"2018-11-29T18:29:01.053Z","related":["SUSE-SU-2019:0134-1","SUSE-SU-2019:0539-1","SUSE-SU-2020:2272-1","openSUSE-SU-2019:0325-1","openSUSE-SU-2024:10768-1"],"references":[{"type":"WEB","url":"https://usn.ubuntu.com/3845-2/"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3845-1/"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/106938"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2019/02/msg00015.html"},{"type":"FIX","url":"https://github.com/FreeRDP/FreeRDP/commit/2ee663f39dc8dac3d9988e847db19b2d7e3ac8c6"},{"type":"EVIDENCE","url":"https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/freerdp/freerdp","events":[{"introduced":"0"},{"last_affected":"84f8161897534d9263ffebe43092827d40fc7ffb"},{"introduced":"0"},{"last_affected":"7a7b180277a9c04809bf07a54882d7c33eeeb9f9"},{"introduced":"0"},{"last_affected":"a4f147683db7aa99a6075aeaf7c698bc6ba84d11"},{"fixed":"2ee663f39dc8dac3d9988e847db19b2d7e3ac8c6"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"2.0.0-rc1"},{"introduced":"0"},{"last_affected":"2.0.0-rc2"},{"introduced":"0"},{"last_affected":"2.0.0-rc3"}]}}],"versions":["1.0-beta1","1.0-beta2","1.0-beta4","1.0-beta5","1.0.0","1.0.1","1.1.0-beta+2013071101","1.1.0-beta1","1.1.0-beta1+android2","1.1.0-beta1+android3","1.1.0-beta1+android4","1.1.0-beta1+android5","1.1.0-beta1+ios1","1.1.0-beta1+ios2","1.1.0-beta1+ios3","1.1.0-beta1+ios4","1.2.0-beta1+android7","1.2.0-beta1+android9","2.0.0-beta1+android10","2.0.0-beta1+android11","2.0.0-rc0","2.0.0-rc1","2.0.0-rc2","2.0.0-rc3"],"database_specific":{"vanir_signatures":[{"signature_version":"v1","target":{"function":"ntlm_write_message_header","file":"winpr/libwinpr/sspi/NTLM/ntlm_message.c"},"signature_type":"Function","digest":{"function_hash":"104666998909858465077127195473671038048","length":166},"id":"CVE-2018-8789-058ee239","source":"https://github.com/freerdp/freerdp/commit/2ee663f39dc8dac3d9988e847db19b2d7e3ac8c6","deprecated":false},{"target":{"function":"ntlm_free_message_fields_buffer","file":"winpr/libwinpr/sspi/NTLM/ntlm_message.c"},"signature_version":"v1","signature_type":"Function","digest":{"function_hash":"170710971707607590783363297821836205900","length":205},"id":"CVE-2018-8789-2a259ec6","source":"https://github.com/freerdp/freerdp/commit/2ee663f39dc8dac3d9988e847db19b2d7e3ac8c6","deprecated":false},{"signature_version":"v1","target":{"function":"ntlm_populate_message_header","file":"winpr/libwinpr/sspi/NTLM/ntlm_message.c"},"signature_type":"Function","digest":{"function_hash":"283843652711872419912044124972920986301","length":154},"id":"CVE-2018-8789-2e3f0579","source":"https://github.com/freerdp/freerdp/commit/2ee663f39dc8dac3d9988e847db19b2d7e3ac8c6","deprecated":false},{"target":{"function":"ntlm_read_message_fields","file":"winpr/libwinpr/sspi/NTLM/ntlm_message.c"},"signature_version":"v1","signature_type":"Function","digest":{"function_hash":"216458904940794659093048359955489533779","length":226},"id":"CVE-2018-8789-3d0a6a25","source":"https://github.com/freerdp/freerdp/commit/2ee663f39dc8dac3d9988e847db19b2d7e3ac8c6","deprecated":false},{"target":{"function":"ntlm_print_message_fields","file":"winpr/libwinpr/sspi/NTLM/ntlm_message.c"},"signature_version":"v1","signature_type":"Function","digest":{"function_hash":"227272114302109720051846611850339263089","length":297},"id":"CVE-2018-8789-3e03cc66","source":"https://github.com/freerdp/freerdp/commit/2ee663f39dc8dac3d9988e847db19b2d7e3ac8c6","deprecated":false},{"signature_version":"v1","target":{"function":"ntlm_read_message_header","file":"winpr/libwinpr/sspi/NTLM/ntlm_message.c"},"signature_type":"Function","digest":{"function_hash":"79989285417187504712620478628419143651","length":287},"id":"CVE-2018-8789-435e63a0","source":"https://github.com/freerdp/freerdp/commit/2ee663f39dc8dac3d9988e847db19b2d7e3ac8c6","deprecated":false},{"target":{"function":"ntlm_read_message_fields_buffer","file":"winpr/libwinpr/sspi/NTLM/ntlm_message.c"},"signature_version":"v1","signature_type":"Function","digest":{"function_hash":"330687294269170097786740306995284855654","length":366},"id":"CVE-2018-8789-5479e757","source":"https://github.com/freerdp/freerdp/commit/2ee663f39dc8dac3d9988e847db19b2d7e3ac8c6","deprecated":false},{"target":{"function":"ntlm_write_message_fields_buffer","file":"winpr/libwinpr/sspi/NTLM/ntlm_message.c"},"signature_version":"v1","signature_type":"Function","digest":{"function_hash":"173110592803849705728268197453211253761","length":179},"id":"CVE-2018-8789-70826ef2","source":"https://github.com/freerdp/freerdp/commit/2ee663f39dc8dac3d9988e847db19b2d7e3ac8c6","deprecated":false},{"target":{"function":"ntlm_write_message_fields","file":"winpr/libwinpr/sspi/NTLM/ntlm_message.c"},"signature_version":"v1","signature_type":"Function","digest":{"function_hash":"270777398848695346094829189835817021072","length":232},"id":"CVE-2018-8789-71db47ec","source":"https://github.com/freerdp/freerdp/commit/2ee663f39dc8dac3d9988e847db19b2d7e3ac8c6","deprecated":false},{"target":{"file":"winpr/libwinpr/sspi/NTLM/ntlm_message.c"},"signature_version":"v1","signature_type":"Line","deprecated":false,"id":"CVE-2018-8789-c373971f","source":"https://github.com/freerdp/freerdp/commit/2ee663f39dc8dac3d9988e847db19b2d7e3ac8c6","digest":{"threshold":0.9,"line_hashes":["141388096029824229107258550406043917158","190381604198957738224615821904871198816","107472011250675843518337461985410453668","331657587905935938375928408124442702365","294933032372482990280748369613247204181","257299346344913977102996256675409972028","326533349057509587644257562962924979813","288220213863572331025000392570149192136","320422840755663457233989205783420236795","72000167384395992132114718759336864713","134520156972828202007209773547494507962","224485915753400266215066766221479310924","278027235894386815449509789099664286242","237779382959456724208502170486875097488","175712396941016635511519837515906449920","323175446857894556215237070598178406542","280099474914777847042906139552064963937","126147951973595458915084138453863604080","94243000257200106645124783253277634325","57356964325644180767956680465074050366","295733755374876150530365560171671275797","197218410595583638667719244783813296207","275837846088023751954566886446380264501","158292710558326824696219635057138516273","14187902352233405405689005472155043846","30761050056529296441160300875491919331","57678404627833274032894164970895703648","286405008913403208215458626518378822318","317873073681882337630457940006601050610","30522712860483800440740391271894874517","230905932345515611423920906348374256119","56506130904988361277835373318002353398","93282956823528385495003637186796287285","273075007549549054288273079153090172423","250126465286811355096668887674986024217","103917916208501266416136027903653871419","86283449482104195398886800675729523542","274204957841935652757746360191395365760","258094129583314623248906007764725294860","74818200391575424598381810720983480611","180402389028844245743152125932673243213","161477785166185900976576829104618949833","258473084281935068844384514057278756772","86901371115714568833490039928028219431","234469747823974058129348078647458644448","38778876087778001309056396153912066779"]}},{"target":{"function":"ntlm_print_negotiate_flags","file":"winpr/libwinpr/sspi/NTLM/ntlm_message.c"},"signature_version":"v1","signature_type":"Function","digest":{"function_hash":"19375029799383113552940580250917110217","length":306},"id":"CVE-2018-8789-f2a8a60d","source":"https://github.com/freerdp/freerdp/commit/2ee663f39dc8dac3d9988e847db19b2d7e3ac8c6","deprecated":false}],"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"1.2.0"}]},{"events":[{"introduced":"0"},{"last_affected":"14.04"}]},{"events":[{"introduced":"0"},{"last_affected":"16.04"}]},{"events":[{"introduced":"0"},{"last_affected":"18.04"}]},{"events":[{"introduced":"0"},{"last_affected":"18.10"}]},{"events":[{"introduced":"0"},{"last_affected":"8.0"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-8789.json","vanir_signatures_modified":"2026-04-11T08:05:25Z"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}