Published: 22/06/2020 Updated: 07/11/2023

CVSS v2 Base Score: 6.4 | Impact Score: 4.9 | Exploitability Score: 10

CVSS v3 Base Score: 6.5 | Impact Score: 2.5 | Exploitability Score: 3.9

VMScore: 570

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:P

In FreeRDP before version 2.1.2, there is an out of bounds read in license_read_new_or_upgrade_license_packet. A manipulated license packet can lead to out of bound reads to an internal buffer. This is fixed in version 2.1.2.

Vulnerable Product	Search on Vulmon	Subscribe to Product
freerdp freerdp
opensuse leap 15.1
fedoraproject fedora 31
fedoraproject fedora 32
canonical ubuntu linux 20.04
canonical ubuntu linux 18.04
debian debian linux 10.0

Severity Unknown Remote Unknown Type Unknown Description AVG-1193 freerdp 2:211-1 2:212-1 Unknown Fixed ...

CWE-125 https://github.com/FreeRDP/FreeRDP/commit/6ade7b4cbfd71c54b3d724e8f2d6ac76a58e879a https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-977w-866x-4v5h http://www.freerdp.com/2020/06/22/2_1_2-released http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html https://usn.ubuntu.com/4481-1/https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y35HBHG2INICLSGCIKNAR7GCXEHQACQ/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XOZLH35OJWIQLM7FYDXAP2EAUBDXE76V/https://nvd.nist.gov https://security.archlinux.org/CVE-2020-11099

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2020-11099

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect