CVE-2008-5904

The rdp_rdp_process_color_pointer_pdu function in rdp/rdp_rdp.c in xrdp 0.4.1 and earlier allows remote RDP servers to have an unknown impact via input data that sets crafted values for certain length variables, leading to a buffer overflow.

Date published : 2009-01-15

http://packetstormsecurity.org/0812-advisories/VA_VD_87_08_XRDP.pdf

http://openwall.com/lists/oss-security/2009/01/12/3