CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2020-11087 – Out-of-bounds Read in FreeRDP
https://notcve.org/view.php?id=CVE-2020-11087
In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_AuthenticateMessage. This has been fixed in 2.1.0. En FreeRDP versiones anteriores o iguales a 2.0.0, se presenta una lectura fuera de límites en la función ntlm_read_AuthenticateMessage. Esto ha sido corregido en la versión 2.1.0. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html https://github.com/FreeRDP/FreeRDP/commit/8241ab42fdf0cc89cf69fc574bf6360c9977a0d4 https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-84vj-g73m-chw7 https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html https://access.redhat.com/security/cve/CVE-2020-11087 https://bugzilla.redhat.com/show_bug.cgi?id=1844171 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2020-11018 – Out of bound read in cliprdr_server_receive_capabilities in FreeRDP
https://notcve.org/view.php?id=CVE-2020-11018
In FreeRDP less than or equal to 2.0.0, a possible resource exhaustion vulnerability can be performed. Malicious clients could trigger out of bound reads causing memory allocation with random size. This has been fixed in 2.1.0. En FreeRDP versiones anteriores o iguales a 2.0.0, una posible vulnerabilidad de agotamiento de recursos puede ser realizada . Los clientes maliciosos podrían desencadenar lecturas fuera de límite causando una asignación de memoria con tamaño aleatorio. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-8cvc-vcw7-6mfw https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html https://access.redhat.com/security/cve/CVE-2020-11018 https://bugzilla.redhat.com/show_bug.cgi?id=1848008 • CWE-125: Out-of-bounds Read •
CVSS: 4.0EPSS: 0%CPEs: 3EXPL: 0CVE-2020-11041 – Improper Validation of Array Index in FreeRDP
https://notcve.org/view.php?id=CVE-2020-11041
In FreeRDP less than or equal to 2.0.0, an outside controlled array index is used unchecked for data used as configuration for sound backend (alsa, oss, pulse, ...). The most likely outcome is a crash of the client instance followed by no or distorted sound or a session disconnect. If a user cannot upgrade to the patched version, a workaround is to disable sound for the session. This has been patched in 2.1.0. En FreeRDP versiones anteriores o iguales a 2.0.0, un índice de matriz controlado del exterior es usado sin comprobar los datos usados como configuración para el backend de sonido (alsa, oss, pulse, ...). • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-w67c-26c4-2h9w https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html https://access.redhat.com/security/cve/CVE-2020-11041 https://bugzilla.redhat.com/show_bug.cgi?id=1848034 • CWE-125: Out-of-bounds Read CWE-129: Improper Validation of Array Index •
CVSS: 4.0EPSS: 0%CPEs: 3EXPL: 0CVE-2020-11040 – Out-of-bounds Read in FreeRDP
https://notcve.org/view.php?id=CVE-2020-11040
In FreeRDP less than or equal to 2.0.0, there is an out-of-bound data read from memory in clear_decompress_subcode_rlex, visualized on screen as color. This has been patched in 2.1.0. En FreeRDP versiones anteriores o iguales a 2.0.0, se presenta una lectura de datos fuera de límites desde la memoria en la función clear_decompress_subcode_rlex, visualizada en pantalla como color. Esto ha sido parcheado en la versión 2.1.0. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-x4wq-m7c9-rjgr https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html https://access.redhat.com/security/cve/CVE-2020-11040 https://bugzilla.redhat.com/show_bug.cgi?id=1848029 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2020-11017 – Double free in cliprdr_server_receive_capabilities in FreeRDP
https://notcve.org/view.php?id=CVE-2020-11017
In FreeRDP less than or equal to 2.0.0, by providing manipulated input a malicious client can create a double free condition and crash the server. This is fixed in version 2.1.0. En FreeRDP versiones anteriores o iguales a 2.0.0, al proporcionar una entrada manipulada un cliente malicioso puede crear una condición de doble liberación y bloquear el servidor. Esto está corregido en la versión 2.1.0. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-q5c8-fm29-q57c https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html • CWE-415: Double Free •