CVSS: 6.6EPSS: 2%CPEs: 13EXPL: 1CVE-2020-11523 – freerdp: Integer overflow in region.c
https://notcve.org/view.php?id=CVE-2020-11523
libfreerdp/gdi/region.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Integer Overflow. El archivo libfreerdp/gdi/region.c en FreeRDP versiones posteriores a 1.0 hasta 2.0.0-rc4, presenta un Desbordamiento de Enteros. A flaw was found in FreeRDP in versions between 1.0 and 2.0.0. An integer overflow was found in the region.c function which could allow an attacker the ability to control the RDP server as well as the data sent to the client. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html https://github.com/FreeRDP/FreeRDP/commits/master https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-4qrh-8cp8-4x42 https://lists.debian.org/debian-lts-announce/2020/08/msg00054.html https://pub.freerdp.com/cve/CVE-2020-11523/pocAnalysis_2.pdf https://usn.ubuntu.com/4379-1 https://usn.ubuntu.com/4382-1 https://access.redhat.com/security/cve/CVE-2020-11523 https://bugzilla.redhat.com/show_bu • CWE-190: Integer Overflow or Wraparound •
CVSS: 3.5EPSS: 0%CPEs: 7EXPL: 0CVE-2020-11058 – Improper Restriction of Operations within the Bounds of a Memory Buffer in FreeRDP
https://notcve.org/view.php?id=CVE-2020-11058
In FreeRDP after 1.1 and before 2.0.0, a stream out-of-bounds seek in rdp_read_font_capability_set could lead to a later out-of-bounds read. As a result, a manipulated client or server might force a disconnect due to an invalid data read. This has been fixed in 2.0.0. En FreeRDP versiones posteriores a 1.1 y anteriores a 2.0.0, una búsqueda fuera de límites de flujo de datos en rdp_read_font_capability_set podría conllevar a una posterior lectura fuera de límites. Como resultado, un cliente o servidor manipulado podría forzar una desconexión debido a una lectura de datos no válida. • https://github.com/FreeRDP/FreeRDP/commit/3627aaf7d289315b614a584afb388f04abfb5bbf https://github.com/FreeRDP/FreeRDP/issues/6011 https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-wjg2-2f82-466g https://lists.debian.org/debian-lts-announce/2020/08/msg00054.html https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html https://usn.ubuntu.com/4379-1 https://usn.ubuntu.com/4382-1 https://access.redhat.com/security/cve/CVE-2020-11058 https://bugzilla.redhat.com/show_bug&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 3.5EPSS: 0%CPEs: 7EXPL: 1CVE-2020-11048 – Out-of-bounds Read in FreeRDPrdp_read_flow_control_pdu
https://notcve.org/view.php?id=CVE-2020-11048
In FreeRDP after 1.0 and before 2.0.0, there is an out-of-bounds read. It only allows to abort a session. No data extraction is possible. This has been fixed in 2.0.0. En FreeRDP versiones posteriores a 1.0 y versiones anteriores a 2.0.0, se presenta una lectura fuera de límite. • https://github.com/FreeRDP/FreeRDP/commit/9301bfe730c66180263248b74353daa99f5a969b https://github.com/FreeRDP/FreeRDP/issues/6007 https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-hv8w-f2hx-5gcv https://lists.debian.org/debian-lts-announce/2020/08/msg00054.html https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html https://usn.ubuntu.com/4379-1 https://usn.ubuntu.com/4382-1 https://access.redhat.com/security/cve/CVE-2020-11048 https://bugzilla.redhat.com/show_bug&# • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2020-11046 – Improper Restriction of Operations within the Bounds of a Memory Buffer in FreeRDP
https://notcve.org/view.php?id=CVE-2020-11046
In FreeRDP after 1.0 and before 2.0.0, there is a stream out-of-bounds seek in update_read_synchronize that could lead to a later out-of-bounds read. En FreeRDP versiones posteriores a 1.0 y versiones anteriores a 2.0.0, se presenta una búsqueda fuera de límites de flujo de datos en update_read_synchronize que podría conllevar a una lectura posterior fuera de límites. • https://github.com/FreeRDP/FreeRDP/commit/ed53cd148f43cbab905eaa0f5308c2bf3c48cc37 https://github.com/FreeRDP/FreeRDP/issues/6006 https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-hx48-wmmm-mr5q https://lists.debian.org/debian-lts-announce/2020/08/msg00054.html https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html https://usn.ubuntu.com/4379-1 https://usn.ubuntu.com/4382-1 https://access.redhat.com/security/cve/CVE-2020-11046 https://bugzilla.redhat.com/show_bug&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 1CVE-2020-11049 – Out-of-bounds Read in FreeRDPrdp_read_share_control_header
https://notcve.org/view.php?id=CVE-2020-11049
In FreeRDP after 1.1 and before 2.0.0, there is an out-of-bound read of client memory that is then passed on to the protocol parser. This has been patched in 2.0.0. En FreeRDP versiones posteriores a 1.1 y versiones anteriores a 2.0.0, se presenta una lectura fuera de límite de la memoria del cliente que es pasada luego en el analizador de protocolo. Esto ha sido parcheado en la versión 2.0.0. • https://github.com/FreeRDP/FreeRDP/commit/c367f65d42e0d2e1ca248998175180aa9c2eacd0 https://github.com/FreeRDP/FreeRDP/issues/6008 https://github.com/FreeRDP/FreeRDP/pull/6019 https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-wwh7-r2r8-xjpr https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html https://usn.ubuntu.com/4379-1 https://usn.ubuntu.com/4382-1 https://access.redhat.com/security/cve/CVE-2020-11049 https://bugzilla.redhat.com/show_bug.cgi?id=1835772 • CWE-125: Out-of-bounds Read •