Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Debian_linux
(Debian)Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2020-05-07 | CVE-2020-11046 | In FreeRDP after 1.0 and before 2.0.0, there is a stream out-of-bounds seek in update_read_synchronize that could lead to a later out-of-bounds read. | Ubuntu_linux, Debian_linux, Freerdp | 2.2 | ||
2020-05-07 | CVE-2020-11047 | In FreeRDP after 1.1 and before 2.0.0, there is an out-of-bounds read in autodetect_recv_bandwidth_measure_results. A malicious server can extract up to 8 bytes of client memory with a manipulated message by providing a short input and reading the measurement result data. This has been patched in 2.0.0. | Ubuntu_linux, Debian_linux, Freerdp | 5.9 | ||
2020-05-07 | CVE-2020-11048 | In FreeRDP after 1.0 and before 2.0.0, there is an out-of-bounds read. It only allows to abort a session. No data extraction is possible. This has been fixed in 2.0.0. | Ubuntu_linux, Debian_linux, Freerdp | 2.2 | ||
2020-05-07 | CVE-2020-11049 | In FreeRDP after 1.1 and before 2.0.0, there is an out-of-bound read of client memory that is then passed on to the protocol parser. This has been patched in 2.0.0. | Ubuntu_linux, Debian_linux, Freerdp | 2.2 | ||
2020-05-12 | CVE-2020-11058 | In FreeRDP after 1.1 and before 2.0.0, a stream out-of-bounds seek in rdp_read_font_capability_set could lead to a later out-of-bounds read. As a result, a manipulated client or server might force a disconnect due to an invalid data read. This has been fixed in 2.0.0. | Ubuntu_linux, Debian_linux, Freerdp | 2.2 | ||
2020-05-22 | CVE-2020-13396 | An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in ntlm_read_ChallengeMessage in winpr/libwinpr/sspi/NTLM/ntlm_message.c. | Ubuntu_linux, Debian_linux, Freerdp, Leap | 7.1 | ||
2020-05-22 | CVE-2020-13397 | An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in security_fips_decrypt in libfreerdp/core/security.c due to an uninitialized value. | Ubuntu_linux, Debian_linux, Freerdp, Leap | 5.5 | ||
2020-05-29 | CVE-2020-11085 | In FreeRDP before 2.1.0, there is an out-of-bounds read in cliprdr_read_format_list. Clipboard format data read (by client or server) might read data out-of-bounds. This has been fixed in 2.1.0. | Debian_linux, Freerdp, Leap | 3.5 | ||
2020-05-22 | CVE-2020-13398 | An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) write vulnerability has been detected in crypto_rsa_common in libfreerdp/crypto/crypto.c. | Ubuntu_linux, Debian_linux, Freerdp, Leap | 8.3 | ||
2020-05-29 | CVE-2020-11017 | In FreeRDP less than or equal to 2.0.0, by providing manipulated input a malicious client can create a double free condition and crash the server. This is fixed in version 2.1.0. | Debian_linux, Freerdp, Leap | 6.5 |