Mandriva Linux Security Advisory : freerdp (MDVSA-2015:171)
High Nessus Plugin ID 82447
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionUpdated freerdp packages fix security vulnerabilities :
Integer overflows in memory allocations in client/X11/xf_graphics.c in FreeRDP through 1.0.2 allows remote RDP servers to have an unspecified impact through unspecified vectors (CVE-2014-0250).
Integer overflow in the license_read_scope_list function in libfreerdp/core/license.c in FreeRDP through 1.0.2 allows remote RDP servers to cause a denial of service (application crash) or possibly have unspecified other impact via a large ScopeCount value in a Scope List in a Server License Request packet (CVE-2014-0791).
SolutionUpdate the affected freerdp, lib64freerdp-devel and / or lib64freerdp1 packages.