← volver
CVE-2020-11048

Out-of-bounds Read in FreeRDPrdp_read_flow_control_pdu

CVSS 2.2 LOWEPSS 1.8%CWE-125
In FreeRDP after 1.0 and before 2.0.0, there is an out-of-bounds read. It only allows to abort a session. No data extraction is possible. This has been fixed in 2.0.0.
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L
Productos afectados
FreeRDP · FreeRDP

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://github.com/FreeRDP/FreeRDP/commit/9301bfe730c66180263248b74353daa99f5a969bhttps://github.com/FreeRDP/FreeRDP/issues/6007https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-hv8w-f2hx-5gcvhttps://lists.debian.org/debian-lts-announce/2020/08/msg00054.htmlhttps://lists.debian.org/debian-lts-announce/2023/10/msg00008.htmlhttps://usn.ubuntu.com/4379-1/https://usn.ubuntu.com/4382-1/