CVE-2020-12861 – sane-backends: Heap buffer overflow in epsonds_net_read in epsonds-net.c
https://notcve.org/view.php?id=CVE-2020-12861
A heap buffer overflow in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-080. Un desbordamiento del búfer de la pila en SANE Backends versiones anteriores a 1.0.30, permite a un dispositivo malicioso conectado a la misma red local que la víctima ejecutar código arbitrario, también se conoce como GHSL-2020-080 A flaw was found in sane-backends in versions prior to 1.0.30. A heap buffer overflow in epsonds_net_read function could lead to a remote denial of service. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html http://packetstormsecurity.com/files/172841/SANE-Backends-Memory-Corruption-Code-Execution.html https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html https://securitylab.github.com/advisories/GHSL-2020-075-libsane https://usn.ubuntu.com/4470-1 https://access.redhat.com/security/cve/CVE-2020-12861 https://bugzilla.redhat.com/show_bug& • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVE-2020-11095 – Global OOB read in update_recv_primary_order in FreeRDP
https://notcve.org/view.php?id=CVE-2020-11095
In FreeRDP before version 2.1.2, an out of bound reads occurs resulting in accessing a memory location that is outside of the boundaries of the static array PRIMARY_DRAWING_ORDER_FIELD_BYTES. This is fixed in version 2.1.2. En FreeRDP versiones anteriores a 2.1.2, se producen lecturas fuera de límite que resultan en el acceso a una ubicación de memoria que está fuera de límites de la matriz estática de PRIMARY_DRAWING_ORDER_FIELD_BYTES. Esto es corregido en la versión 2.1.2 • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html http://www.freerdp.com/2020/06/22/2_1_2-released https://github.com/FreeRDP/FreeRDP/commit/733ee3208306b1ea32697b356c0215180fc3f049 https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-563r-pvh7-4fw2 https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y35HBHG2INICLSGCIKNAR7GCXEHQACQ https://lists.fedoraproject.org/archives/list • CWE-125: Out-of-bounds Read •
CVE-2020-11096 – Global OOB read in update_read_cache_bitmap_v3_order in FreeRDP
https://notcve.org/view.php?id=CVE-2020-11096
In FreeRDP before version 2.1.2, there is a global OOB read in update_read_cache_bitmap_v3_order. As a workaround, one can disable bitmap cache with -bitmap-cache (default). This is fixed in version 2.1.2. En FreeRDP versiones anteriores a 2.1.2, se presenta una lectura OOB global en update_read_cache_bitmap_v3_order. Como solución alternativa, se puede deshabilitar la memoria caché de mapa de bits con -bitmap-cache (predeterminado). • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html http://www.freerdp.com/2020/06/22/2_1_2-released https://github.com/FreeRDP/FreeRDP/commit/b8beb55913471952f92770c90c372139d78c16c0 https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-mjw7-3mq2-996x https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y35HBHG2INICLSGCIKNAR7GCXEHQACQ https://lists.fedoraproject.org/archives/list • CWE-125: Out-of-bounds Read •
CVE-2020-4030 – OOB read in `TrioParse` in FreeRDP
https://notcve.org/view.php?id=CVE-2020-4030
In FreeRDP before version 2.1.2, there is an out of bounds read in TrioParse. Logging might bypass string length checks due to an integer overflow. This is fixed in version 2.1.2. En FreeRDP versiones anteriores a 2.1.2, se presenta una lectura fuera de límites en TrioParse. El registro puede omitir las comprobaciones de longitud de cadena debido a un desbordamiento de enteros. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html http://www.freerdp.com/2020/06/22/2_1_2-released https://github.com/FreeRDP/FreeRDP/commit/05cd9ea2290d23931f615c1b004d4b2e69074e27 https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-fjr5-97f5-qq98 https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y35HBHG2INICLSGCIKNAR7GCXEHQACQ https://lists.fedoraproject.org/archives/list • CWE-125: Out-of-bounds Read CWE-190: Integer Overflow or Wraparound •
CVE-2020-11097 – OOB read in ntlm_av_pair_get in FreeRDP
https://notcve.org/view.php?id=CVE-2020-11097
In FreeRDP before version 2.1.2, an out of bounds read occurs resulting in accessing a memory location that is outside of the boundaries of the static array PRIMARY_DRAWING_ORDER_FIELD_BYTES. This is fixed in version 2.1.2. En FreeRDP versiones anteriores a 2.1.2, se produce una lectura fuera de límites resultando en el acceso a una ubicación de memoria que está fuera de límites de la matriz estática PRIMARY_DRAWING_ORDER_FIELD_BYTES. Esto es corregido en la versión 2.1.2 • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html http://www.freerdp.com/2020/06/22/2_1_2-released https://github.com/FreeRDP/FreeRDP/commit/58a3122250d54de3a944c487776bcd4d1da4721e https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-c8x2-c3c9-9r3f https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y35HBHG2INICLSGCIKNAR7GCXEHQACQ https://lists.fedoraproject.org/archives/list • CWE-125: Out-of-bounds Read •