CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2020-11046 – Improper Restriction of Operations within the Bounds of a Memory Buffer in FreeRDP
https://notcve.org/view.php?id=CVE-2020-11046
In FreeRDP after 1.0 and before 2.0.0, there is a stream out-of-bounds seek in update_read_synchronize that could lead to a later out-of-bounds read. En FreeRDP versiones posteriores a 1.0 y versiones anteriores a 2.0.0, se presenta una búsqueda fuera de límites de flujo de datos en update_read_synchronize que podría conllevar a una lectura posterior fuera de límites. • https://github.com/FreeRDP/FreeRDP/commit/ed53cd148f43cbab905eaa0f5308c2bf3c48cc37 https://github.com/FreeRDP/FreeRDP/issues/6006 https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-hx48-wmmm-mr5q https://lists.debian.org/debian-lts-announce/2020/08/msg00054.html https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html https://usn.ubuntu.com/4379-1 https://usn.ubuntu.com/4382-1 https://access.redhat.com/security/cve/CVE-2020-11046 https://bugzilla.redhat.com/show_bug&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 5.9EPSS: 0%CPEs: 5EXPL: 1CVE-2020-11047 – Out-of-bounds Read in FreeRDP
https://notcve.org/view.php?id=CVE-2020-11047
In FreeRDP after 1.1 and before 2.0.0, there is an out-of-bounds read in autodetect_recv_bandwidth_measure_results. A malicious server can extract up to 8 bytes of client memory with a manipulated message by providing a short input and reading the measurement result data. This has been patched in 2.0.0. En FreeRDP versiones posteriores a 1.1 y versiones anteriores a 2.0.0, se presenta una lectura fuera de límites en autodetect_recv_bandwidth_measure_results. Un servidor malicioso puede extraer hasta 8 bytes de la memoria del cliente con un mensaje manipulado al proporcionar una entrada corta y leer los datos del resultado de la medición. • https://github.com/FreeRDP/FreeRDP/commit/f5e73cc7c9cd973b516a618da877c87b80950b65 https://github.com/FreeRDP/FreeRDP/issues/6009 https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-9fw6-m2q8-h5pw https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html https://usn.ubuntu.com/4379-1 https://access.redhat.com/security/cve/CVE-2020-11047 https://bugzilla.redhat.com/show_bug.cgi?id=1835762 • CWE-125: Out-of-bounds Read •
CVSS: 3.5EPSS: 0%CPEs: 7EXPL: 1CVE-2020-11048 – Out-of-bounds Read in FreeRDPrdp_read_flow_control_pdu
https://notcve.org/view.php?id=CVE-2020-11048
In FreeRDP after 1.0 and before 2.0.0, there is an out-of-bounds read. It only allows to abort a session. No data extraction is possible. This has been fixed in 2.0.0. En FreeRDP versiones posteriores a 1.0 y versiones anteriores a 2.0.0, se presenta una lectura fuera de límite. • https://github.com/FreeRDP/FreeRDP/commit/9301bfe730c66180263248b74353daa99f5a969b https://github.com/FreeRDP/FreeRDP/issues/6007 https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-hv8w-f2hx-5gcv https://lists.debian.org/debian-lts-announce/2020/08/msg00054.html https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html https://usn.ubuntu.com/4379-1 https://usn.ubuntu.com/4382-1 https://access.redhat.com/security/cve/CVE-2020-11048 https://bugzilla.redhat.com/show_bug&# • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 1CVE-2020-11049 – Out-of-bounds Read in FreeRDPrdp_read_share_control_header
https://notcve.org/view.php?id=CVE-2020-11049
In FreeRDP after 1.1 and before 2.0.0, there is an out-of-bound read of client memory that is then passed on to the protocol parser. This has been patched in 2.0.0. En FreeRDP versiones posteriores a 1.1 y versiones anteriores a 2.0.0, se presenta una lectura fuera de límite de la memoria del cliente que es pasada luego en el analizador de protocolo. Esto ha sido parcheado en la versión 2.0.0. • https://github.com/FreeRDP/FreeRDP/commit/c367f65d42e0d2e1ca248998175180aa9c2eacd0 https://github.com/FreeRDP/FreeRDP/issues/6008 https://github.com/FreeRDP/FreeRDP/pull/6019 https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-wwh7-r2r8-xjpr https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html https://usn.ubuntu.com/4379-1 https://usn.ubuntu.com/4382-1 https://access.redhat.com/security/cve/CVE-2020-11049 https://bugzilla.redhat.com/show_bug.cgi?id=1835772 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 1%CPEs: 11EXPL: 0CVE-2019-17177
https://notcve.org/view.php?id=CVE-2019-17177
libfreerdp/codec/region.c in FreeRDP through 1.1.x and 2.x through 2.0.0-rc4 has memory leaks because a supplied realloc pointer (i.e., the first argument to realloc) is also used for a realloc return value. El archivo libfreerdp/codec/region.c en FreeRDP versiones hasta 1.1.x y versiones 2.x hasta 2.0.0-rc4, presenta pérdidas de memoria porque un puntero realloc suministrado (es decir, el primer argumento para realloc) también es usado para un valor de retorno realloc. • http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00005.html https://github.com/FreeRDP/FreeRDP/commit/9fee4ae076b1ec97b97efb79ece08d1dab4df29a https://github.com/FreeRDP/FreeRDP/issues/5645 https://security.gentoo.org/glsa/202005-07 https://usn.ubuntu.com/4379-1 • CWE-401: Missing Release of Memory after Effective Lifetime •