{"id":"MGASA-2014-0287","summary":"Updated freerdp packages fix two vulnerabilities","details":"Updated freerdp packages fix security vulnerabilities:\n\nInteger overflows in memory allocations in client/X11/xf_graphics.c in FreeRDP\nthrough 1.0.2 allows remote RDP servers to have an unspecified impact through\nunspecified vectors (CVE-2014-0250).\n\nInteger overflow in the license_read_scope_list function in\nlibfreerdp/core/license.c in FreeRDP through 1.0.2 allows remote RDP servers\nto cause a denial of service (application crash) or possibly have unspecified\nother impact via a large ScopeCount value in a Scope List in a Server License\nRequest packet (CVE-2014-0791).\n","modified":"2026-04-16T06:26:08.416210845Z","published":"2014-07-08T22:41:00Z","upstream":["CVE-2014-0250","CVE-2014-0791"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2014-0287.html"},{"type":"WEB","url":"http://lists.opensuse.org/opensuse-updates/2014-07/msg00008.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=13444"}],"affected":[{"package":{"name":"freerdp","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/freerdp?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.0.1-2.1.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0287.json"}},{"package":{"name":"freerdp","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/freerdp?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.0.2-2.1.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0287.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}