CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2020-11046 – Improper Restriction of Operations within the Bounds of a Memory Buffer in FreeRDP
https://notcve.org/view.php?id=CVE-2020-11046
07 May 2020 — In FreeRDP after 1.0 and before 2.0.0, there is a stream out-of-bounds seek in update_read_synchronize that could lead to a later out-of-bounds read. En FreeRDP versiones posteriores a 1.0 y versiones anteriores a 2.0.0, se presenta una búsqueda fuera de límites de flujo de datos en update_read_synchronize que podría conllevar a una lectura posterior fuera de límites. FreeRDP is a free implementation of the Remote Desktop Protocol, released under the Apache license. The xfreerdp client can connect to RDP se... • https://github.com/FreeRDP/FreeRDP/commit/ed53cd148f43cbab905eaa0f5308c2bf3c48cc37 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 5.9EPSS: 0%CPEs: 5EXPL: 1CVE-2020-11047 – Out-of-bounds Read in FreeRDP
https://notcve.org/view.php?id=CVE-2020-11047
07 May 2020 — In FreeRDP after 1.1 and before 2.0.0, there is an out-of-bounds read in autodetect_recv_bandwidth_measure_results. A malicious server can extract up to 8 bytes of client memory with a manipulated message by providing a short input and reading the measurement result data. This has been patched in 2.0.0. En FreeRDP versiones posteriores a 1.1 y versiones anteriores a 2.0.0, se presenta una lectura fuera de límites en autodetect_recv_bandwidth_measure_results. Un servidor malicioso puede extraer hasta 8 bytes... • https://github.com/FreeRDP/FreeRDP/commit/f5e73cc7c9cd973b516a618da877c87b80950b65 • CWE-125: Out-of-bounds Read •
CVSS: 3.5EPSS: 0%CPEs: 7EXPL: 1CVE-2020-11048 – Out-of-bounds Read in FreeRDPrdp_read_flow_control_pdu
https://notcve.org/view.php?id=CVE-2020-11048
07 May 2020 — In FreeRDP after 1.0 and before 2.0.0, there is an out-of-bounds read. It only allows to abort a session. No data extraction is possible. This has been fixed in 2.0.0. En FreeRDP versiones posteriores a 1.0 y versiones anteriores a 2.0.0, se presenta una lectura fuera de límite. • https://github.com/FreeRDP/FreeRDP/commit/9301bfe730c66180263248b74353daa99f5a969b • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 1CVE-2020-11049 – Out-of-bounds Read in FreeRDPrdp_read_share_control_header
https://notcve.org/view.php?id=CVE-2020-11049
07 May 2020 — In FreeRDP after 1.1 and before 2.0.0, there is an out-of-bound read of client memory that is then passed on to the protocol parser. This has been patched in 2.0.0. En FreeRDP versiones posteriores a 1.1 y versiones anteriores a 2.0.0, se presenta una lectura fuera de límite de la memoria del cliente que es pasada luego en el analizador de protocolo. Esto ha sido parcheado en la versión 2.0.0. FreeRDP is a free implementation of the Remote Desktop Protocol, released under the Apache license. • https://github.com/FreeRDP/FreeRDP/commit/c367f65d42e0d2e1ca248998175180aa9c2eacd0 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 1%CPEs: 11EXPL: 0CVE-2019-17177 – Gentoo Linux Security Advisory 202005-07
https://notcve.org/view.php?id=CVE-2019-17177
04 Oct 2019 — libfreerdp/codec/region.c in FreeRDP through 1.1.x and 2.x through 2.0.0-rc4 has memory leaks because a supplied realloc pointer (i.e., the first argument to realloc) is also used for a realloc return value. El archivo libfreerdp/codec/region.c en FreeRDP versiones hasta 1.1.x y versiones 2.x hasta 2.0.0-rc4, presenta pérdidas de memoria porque un puntero realloc suministrado (es decir, el primer argumento para realloc) también es usado para un valor de retorno realloc. Multiple vulnerabilities have been fo... • http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00004.html • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2019-17178
https://notcve.org/view.php?id=CVE-2019-17178
04 Oct 2019 — HuffmanTree_makeFromFrequencies in lodepng.c in LodePNG through 2019-09-28, as used in WinPR in FreeRDP and other products, has a memory leak because a supplied realloc pointer (i.e., the first argument to realloc) is also used for a realloc return value. La función HuffmanTree_makeFromFrequencies en el archivo lodepng.c en LodePNG hasta el 28-09-2019, como es usado en WinPR en FreeRDP y otros productos, presenta una pérdida de memoria porque un puntero realloc suministrado (es decir, el primer argumento pa... • http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00004.html • CWE-252: Unchecked Return Value CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 1CVE-2018-1000852 – freerdp: out of bounds read in drdynvc_process_capability_request
https://notcve.org/view.php?id=CVE-2018-1000852
20 Dec 2018 — FreeRDP FreeRDP 2.0.0-rc3 released version before commit 205c612820dac644d665b5bb1cdf437dc5ca01e3 contains a Other/Unknown vulnerability in channels/drdynvc/client/drdynvc_main.c, drdynvc_process_capability_request that can result in The RDP server can read the client's memory.. This attack appear to be exploitable via RDPClient must connect the rdp server with echo option. This vulnerability appears to have been fixed in after commit 205c612820dac644d665b5bb1cdf437dc5ca01e3. FreeRDP 2.0.0-rc3, en versiones... • https://access.redhat.com/errata/RHSA-2019:2157 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 1%CPEs: 9EXPL: 1CVE-2018-8789 – Ubuntu Security Notice USN-3845-1
https://notcve.org/view.php?id=CVE-2018-8789
29 Nov 2018 — FreeRDP prior to version 2.0.0-rc4 contains several Out-Of-Bounds Reads in the NTLM Authentication module that results in a Denial of Service (segfault). FreeRDP en versiones anteriores a la 2.0.0-rc4 contiene varias lecturas fuera de límites en el módulgo NTLM Authentication que resulta en una denegación de servicio (fallo de segmentación). Eyal Itkin discovered FreeRDP incorrectly handled certain stream encodings. A malicious server could use this issue to cause FreeRDP to crash, resulting in a denial of ... • http://www.securityfocus.com/bid/106938 • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 9.8EPSS: 20%CPEs: 6EXPL: 1CVE-2018-8784 – Ubuntu Security Notice USN-3845-1
https://notcve.org/view.php?id=CVE-2018-8784
29 Nov 2018 — FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress_segment() that results in a memory corruption and probably even a remote code execution. FreeRDP en versiones anteriores a la 2.0.0-rc4 contiene un desbordamiento de búfer basado en memoria dinámica (heap) en la función zgfx_decompress_segment() que resulta en una corrupción de memoria y, probablemente, incluso en la ejecución remota de código. Eyal Itkin discovered FreeRDP incorrectly handled certain stream... • http://www.securityfocus.com/bid/106938 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 20%CPEs: 6EXPL: 1CVE-2018-8785
https://notcve.org/view.php?id=CVE-2018-8785
29 Nov 2018 — FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress() that results in a memory corruption and probably even a remote code execution. FreeRDP en versiones anteriores a la 2.0.0-rc4 contiene un desbordamiento de búfer basado en memoria dinámica (heap) en la función zgfx_decompress() que resulta en una corrupción de memoria y, probablemente, incluso en la ejecución remota de código. • http://www.securityfocus.com/bid/106938 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •