CVE-2020-4030
OOB read in `TrioParse` in FreeRDP
In FreeRDP before version 2.1.2, there is an out of bounds read in TrioParse. Logging might bypass string length checks due to an integer overflow. This is fixed in version 2.1.2.
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N
Affected products
FreeRDP · FreeRDP
References
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html
https://github.com/FreeRDP/FreeRDP/commit/05cd9ea2290d23931f615c1b004d4b2e69074e27
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-fjr5-97f5-qq98
https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y35HBHG2INICLSGCIKNAR7GCXEHQACQ/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XOZLH35OJWIQLM7FYDXAP2EAUBDXE76V/
https://usn.ubuntu.com/4481-1/
http://www.freerdp.com/2020/06/22/2_1_2-released