FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress_segment() that results in a memory corruption. Upstream patch: https://github.com/FreeRDP/FreeRDP/commit/17c363a5162fd4dc77b1df54e48d7bd9bf6b3be7
Created freerdp tracking bugs for this issue: Affects: epel-6 [bug 1671370]
Statement: This issue did not affect the versions of freerdp as shipped with Red Hat Enterprise Linux 6 and 7 as they did not include support for ZGFX data compression.