CVE-2020-11085 – Out-of-bounds Read in FreeRDP
https://notcve.org/view.php?id=CVE-2020-11085
In FreeRDP before 2.1.0, there is an out-of-bounds read in cliprdr_read_format_list. Clipboard format data read (by client or server) might read data out-of-bounds. This has been fixed in 2.1.0. En FreeRDP versiones anteriores a 2.1.0, se presenta una lectura fuera de límites en la función cliprdr_read_format_list. Los datos de formato Clipboard leídos (por el cliente o el servidor) podrían leer datos fuera de límites. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html https://github.com/FreeRDP/FreeRDP/commit/b73143cf7ee5fe4cdabcbf56908aa15d8a883821 https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-2j4w-v45m-95hf https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html https://access.redhat.com/security/cve/CVE-2020-11085 https://bugzilla.redhat.com/show_bug.cgi?id=1844161 • CWE-125: Out-of-bounds Read •
CVE-2020-11039 – Integer Overflow in FreeRDP
https://notcve.org/view.php?id=CVE-2020-11039
In FreeRDP less than or equal to 2.0.0, when using a manipulated server with USB redirection enabled (nearly) arbitrary memory can be read and written due to integer overflows in length checks. This has been patched in 2.1.0. En FreeRDP versiones anteriores o iguales a 2.0.0, cuando se usa un servidor manipulado con redirección del USB permitió que (por poco) una memoria arbitraria pueda ser leída y escrita debido a unos desbordamientos de enteros en las comprobaciones de longitud. Esto ha sido parcheado en la versión 2.1.0. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-mx9p-f6q8-mqwq https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html https://access.redhat.com/security/cve/CVE-2020-11039 https://bugzilla.redhat.com/show_bug.cgi?id=1848022 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVE-2020-11089 – Out-of-bound read in FreeRDP
https://notcve.org/view.php?id=CVE-2020-11089
In FreeRDP before 2.1.0, there is an out-of-bound read in irp functions (parallel_process_irp_create, serial_process_irp_create, drive_process_irp_write, printer_process_irp_write, rdpei_recv_pdu, serial_process_irp_write). This has been fixed in 2.1.0. En FreeRDP versiones anteriores a 2.1.0, se presenta una lectura fuera de límite en las funciones de irp (parallel_process_irp_create, serial_process_irp_create, drive_process_irp_write, printer_process_irp_write, rdpei_recv_pdu, serial_process_irp_write). Esto ha sido corregido en la versión 2.1.0. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html https://github.com/FreeRDP/FreeRDP/commit/6b485b146a1b9d6ce72dfd7b5f36456c166e7a16 https://github.com/FreeRDP/FreeRDP/commit/795842f4096501fcefc1a7f535ccc8132feb31d7 https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-hfc7-c5gv-8c2h https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html https://access.redhat.com/security/cve/CVE-2020-11089 https://bugzilla.redhat.com/show_bug.cgi?id=1844184 • CWE-125: Out-of-bounds Read •
CVE-2020-11087 – Out-of-bounds Read in FreeRDP
https://notcve.org/view.php?id=CVE-2020-11087
In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_AuthenticateMessage. This has been fixed in 2.1.0. En FreeRDP versiones anteriores o iguales a 2.0.0, se presenta una lectura fuera de límites en la función ntlm_read_AuthenticateMessage. Esto ha sido corregido en la versión 2.1.0. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html https://github.com/FreeRDP/FreeRDP/commit/8241ab42fdf0cc89cf69fc574bf6360c9977a0d4 https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-84vj-g73m-chw7 https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html https://access.redhat.com/security/cve/CVE-2020-11087 https://bugzilla.redhat.com/show_bug.cgi?id=1844171 • CWE-125: Out-of-bounds Read •
CVE-2020-11018 – Out of bound read in cliprdr_server_receive_capabilities in FreeRDP
https://notcve.org/view.php?id=CVE-2020-11018
In FreeRDP less than or equal to 2.0.0, a possible resource exhaustion vulnerability can be performed. Malicious clients could trigger out of bound reads causing memory allocation with random size. This has been fixed in 2.1.0. En FreeRDP versiones anteriores o iguales a 2.0.0, una posible vulnerabilidad de agotamiento de recursos puede ser realizada . Los clientes maliciosos podrían desencadenar lecturas fuera de límite causando una asignación de memoria con tamaño aleatorio. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-8cvc-vcw7-6mfw https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html https://access.redhat.com/security/cve/CVE-2020-11018 https://bugzilla.redhat.com/show_bug.cgi?id=1848008 • CWE-125: Out-of-bounds Read •