CVE-2020-11088 – Out-of-bound read in FreeRDP
https://notcve.org/view.php?id=CVE-2020-11088
In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_NegotiateMessage. This has been fixed in 2.1.0. En FreeRDP versiones anteriores o iguales a 2.0.0, se presenta una lectura fuera de límite en la función ntlm_read_NegotiateMessage. Esto ha sido corregido en la versión 2.1.0. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html https://github.com/FreeRDP/FreeRDP/commit/8fa38359634a9910b91719818ab02f23c320dbae https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-xh4f-fh87-43hp https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html https://access.redhat.com/security/cve/CVE-2020-11088 https://bugzilla.redhat.com/show_bug.cgi?id=1844177 • CWE-125: Out-of-bounds Read •
CVE-2020-11038 – Integer Overflow to Buffer Overflow in FreeRDP
https://notcve.org/view.php?id=CVE-2020-11038
In FreeRDP less than or equal to 2.0.0, an Integer Overflow to Buffer Overflow exists. When using /video redirection, a manipulated server can instruct the client to allocate a buffer with a smaller size than requested due to an integer overflow in size calculation. With later messages, the server can manipulate the client to write data out of bound to the previously allocated buffer. This has been patched in 2.1.0. En FreeRDP versiones anteriores o iguales a 2.0.0, se presenta un Desbordamiento de Enteros en un Desbordamiento de Búfer. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-h25x-cqr6-fp6g https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html https://access.redhat.com/security/cve/CVE-2020-11038 https://bugzilla.redhat.com/show_bug.cgi?id=1848018 • CWE-190: Integer Overflow or Wraparound CWE-680: Integer Overflow to Buffer Overflow CWE-787: Out-of-bounds Write •
CVE-2020-13398 – freerdp: Out-of-bounds write in crypto_rsa_common in libfreerdp/crypto/crypto.c
https://notcve.org/view.php?id=CVE-2020-13398
An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) write vulnerability has been detected in crypto_rsa_common in libfreerdp/crypto/crypto.c. Se detectó un problema en FreeRDP versiones anteriores a 2.1.1. Ha sido detectada una vulnerabilidad de escritura fuera de límites (OOB) en la función crypto_rsa_common en el archivo libfreerdp/crypto/crypto.c. An issue was found in freerdp's libfreerdp/crypto/crypto.c, in versions before 2.1.1, where buffer access with an incorrect length value, leads to an out-of-bounds write. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html https://github.com/FreeRDP/FreeRDP/commit/8305349a943c68b1bc8c158f431dc607655aadea https://github.com/FreeRDP/FreeRDP/commit/8fb6336a4072abcee8ce5bd6ae91104628c7bb69 https://github.com/FreeRDP/FreeRDP/compare/2.1.0...2.1.1 https://lists.debian.org/debian-lts-announce/2020/08/msg00054.html https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html https://usn.ubuntu.com/4379-1 https://usn.ubuntu.com/4382-1 https:& • CWE-787: Out-of-bounds Write •
CVE-2020-13396 – freerdp: Out-of-bounds read in ntlm_read_ChallengeMessage in winpr/libwinpr/sspi/NTLM/ntlm_message.c.
https://notcve.org/view.php?id=CVE-2020-13396
An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in ntlm_read_ChallengeMessage in winpr/libwinpr/sspi/NTLM/ntlm_message.c. Se detectó un problema en FreeRDP versiones anteriores a 2.1.1. Se detectó una vulnerabilidad de lectura fuera de límites (OOB) en la función ntlm_read_ChallengeMessage en el archivo winpr/libwinpr/sspi/NTLM/ ntlm_message.c. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html https://github.com/FreeRDP/FreeRDP/commit/48361c411e50826cb602c7aab773a8a20e1da6bc https://github.com/FreeRDP/FreeRDP/commit/8fb6336a4072abcee8ce5bd6ae91104628c7bb69 https://github.com/FreeRDP/FreeRDP/compare/2.1.0...2.1.1 https://lists.debian.org/debian-lts-announce/2020/08/msg00054.html https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html https://usn.ubuntu.com/4379-1 https://usn.ubuntu.com/4382-1 https:& • CWE-125: Out-of-bounds Read •
CVE-2020-13397 – freerdp: Out-of-bounds read in security_fips_decrypt in libfreerdp/core/security.c
https://notcve.org/view.php?id=CVE-2020-13397
An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in security_fips_decrypt in libfreerdp/core/security.c due to an uninitialized value. Se detectó un problema en FreeRDP versiones anteriores a 2.1.1. Ha sido detectada una vulnerabilidad de lectura fuera de límites (OOB) en la función security_fips_decrypt en el archivo libfreerdp/core/security.c debido a un valor no inicializado. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html https://github.com/FreeRDP/FreeRDP/commit/8fb6336a4072abcee8ce5bd6ae91104628c7bb69 https://github.com/FreeRDP/FreeRDP/commit/d6cd14059b257318f176c0ba3ee0a348826a9ef8 https://github.com/FreeRDP/FreeRDP/compare/2.1.0...2.1.1 https://lists.debian.org/debian-lts-announce/2020/08/msg00054.html https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html https://usn.ubuntu.com/4379-1 https://usn.ubuntu.com/4382-1 https:& • CWE-125: Out-of-bounds Read CWE-476: NULL Pointer Dereference •