FreeRDP prior to version 2.0.0-rc4 contains an Out-Of-Bounds Write of up to 4 bytes in function nsc_rle_decode() that results in a memory corruption. Upstream patch: https://github.com/FreeRDP/FreeRDP/commit/d1112c279bd1a327e8e4d0b5f371458bf2579659
Created freerdp tracking bugs for this issue: Affects: epel-6 [bug 1671370]
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2019:0697 https://access.redhat.com/errata/RHSA-2019:0697