CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-39318 – Division by zero in urbdrc channel in FreeRDP
https://notcve.org/view.php?id=CVE-2022-39318
16 Nov 2022 — FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing input validation in `urbdrc` channel. A malicious server can trick a FreeRDP based client to crash with division by zero. This issue has been addressed in version 2.9.0. All users are advised to upgrade. • https://github.com/FreeRDP/FreeRDP/commit/80adde17ddc4b596ed1dae0922a0c54ab3d4b8ea • CWE-20: Improper Input Validation CWE-369: Divide By Zero •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-39282 – RDP client: Read of uninitialized memory with parallel port redirection
https://notcve.org/view.php?id=CVE-2022-39282
12 Oct 2022 — FreeRDP is a free remote desktop protocol library and clients. FreeRDP based clients on unix systems using `/parallel` command line switch might read uninitialized data and send it to the server the client is currently connected to. FreeRDP based server implementations are not affected. Please upgrade to 2.8.1 where this issue is patched. If unable to upgrade, do not use parallel port redirection (`/parallel` command line switch) as a workaround. • https://github.com/FreeRDP/FreeRDP/releases/tag/2.8.1 • CWE-908: Use of Uninitialized Resource •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-39283 – FreeRDP may read and display out of bounds data
https://notcve.org/view.php?id=CVE-2022-39283
12 Oct 2022 — FreeRDP is a free remote desktop protocol library and clients. All FreeRDP based clients when using the `/video` command line switch might read uninitialized data, decode it as audio/video and display the result. FreeRDP based server implementations are not affected. This issue has been patched in version 2.8.1. If you cannot upgrade do not use the `/video` switch. • https://github.com/FreeRDP/FreeRDP/releases/tag/2.8.1 • CWE-125: Out-of-bounds Read CWE-908: Use of Uninitialized Resource •
CVSS: 9.1EPSS: 0%CPEs: 5EXPL: 1CVE-2022-24882 – Server side NTLM does not properly check parameters in FreeRDP
https://notcve.org/view.php?id=CVE-2022-24882
26 Apr 2022 — FreeRDP is a free implementation of the Remote Desktop Protocol (RDP). In versions prior to 2.7.0, NT LAN Manager (NTLM) authentication does not properly abort when someone provides and empty password value. This issue affects FreeRDP based RDP Server implementations. RDP clients are not affected. The vulnerability is patched in FreeRDP 2.7.0. • https://github.com/FreeRDP/FreeRDP/pull/7750 • CWE-287: Improper Authentication •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-24883 – FreeRDP Server authentication might allow invalid credentials to pass
https://notcve.org/view.php?id=CVE-2022-24883
26 Apr 2022 — FreeRDP is a free implementation of the Remote Desktop Protocol (RDP). Prior to version 2.7.0, server side authentication against a `SAM` file might be successful for invalid credentials if the server has configured an invalid `SAM` file path. FreeRDP based clients are not affected. RDP server implementations using FreeRDP to authenticate against a `SAM` file are affected. Version 2.7.0 contains a fix for this issue. • https://github.com/FreeRDP/FreeRDP/commit/4661492e5a617199457c8074bad22f766a116cdc • CWE-287: Improper Authentication •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 1CVE-2021-41160 – Improper region checks in FreeRDP allow out of bound write to memory
https://notcve.org/view.php?id=CVE-2021-41160
21 Oct 2021 — FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. In affected versions a malicious server might trigger out of bound writes in a connected client. Connections using GDI or SurfaceCommands to send graphics updates to the client might send `0` width/height or out of bound rectangles to trigger out of bound writes. With `0` width or heigth the memory allocation will be `0` but the missing bounds checks allow writing to the pointer at this (not allocated) ... • https://github.com/Jajangjaman/CVE-2021-41160 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-41159 – Improper client input validation for FreeRDP gateway connections allows to overwrite memory
https://notcve.org/view.php?id=CVE-2021-41159
21 Oct 2021 — FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. All FreeRDP clients prior to version 2.4.1 using gateway connections (`/gt:rpc`) fail to validate input data. A malicious gateway might allow client memory to be written out of bounds. This issue has been resolved in version 2.4.1. If you are unable to update then use `/gt:http` rather than /gt:rdp connections if possible or use a direct connection without a gateway. • https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-vh34-m9h7-95xq • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-37594
https://notcve.org/view.php?id=CVE-2021-37594
27 Jul 2021 — In FreeRDP before 2.4.0 on Windows, wf_cliprdr_server_file_contents_request in client/Windows/wf_cliprdr.c has missing input checks for a FILECONTENTS_SIZE File Contents Request PDU. En FreeRDP versiones anteriores a 2.4.0 en Windows, la función wf_cliprdr_server_file_contents_request en el archivo client/Windows/wf_cliprdr.c presenta una falta de comprobaciones de entrada para un PDU de Petición de Contenido de Archivo FILECONTENTS_SIZE • https://github.com/FreeRDP/FreeRDP/commit/0d79670a28c0ab049af08613621aa0c267f977e9 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-37595
https://notcve.org/view.php?id=CVE-2021-37595
27 Jul 2021 — In FreeRDP before 2.4.0 on Windows, wf_cliprdr_server_file_contents_request in client/Windows/wf_cliprdr.c has missing input checks for a FILECONTENTS_RANGE File Contents Request PDU. En FreeRDP versiones anteriores a 2.4.0 en Windows, la función wf_cliprdr_server_file_contents_request en el archivo client/Windows/wf_cliprdr.c presenta una falta de comprobaciones de entrada para un PDU de petición de contenido de archivo FILECONTENTS_RANGE • https://github.com/FreeRDP/FreeRDP/commit/0d79670a28c0ab049af08613621aa0c267f977e9 • CWE-20: Improper Input Validation •
CVSS: 3.5EPSS: 0%CPEs: 7EXPL: 0CVE-2020-15103 – Integer Overflow in FreeRDP
https://notcve.org/view.php?id=CVE-2020-15103
27 Jul 2020 — In FreeRDP less than or equal to 2.1.2, an integer overflow exists due to missing input sanitation in rdpegfx channel. All FreeRDP clients are affected. The input rectangles from the server are not checked against local surface coordinates and blindly accepted. A malicious server can send data that will crash the client later on (invalid length arguments to a `memcpy`) This has been fixed in 2.2.0. As a workaround, stop using command line arguments /gfx, /gfx-h264 and /network:auto En FreeRDP versiones ante... • http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00010.html • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound CWE-680: Integer Overflow to Buffer Overflow •