Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
3.5
CVSSv2

CVE-2020-11525

Published: 15/05/2020 Updated: 30/07/2022
CVSS v2 Base Score: 3.5 | Impact Score: 2.9 | Exploitability Score: 6.8
CVSS v3 Base Score: 2.2 | Impact Score: 1.4 | Exploitability Score: 0.7
VMScore: 312
Vector: AV:N/AC:M/Au:S/C:N/I:N/A:P
Subscribe to Freerdp

Vulnerability Summary

libfreerdp/cache/bitmap.c in FreeRDP versions > 1.0 up to and including 2.0.0-rc4 has an Out of bounds read.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

freerdp freerdp 2.0.0

freerdp freerdp

debian debian linux 9.0

canonical ubuntu linux 18.04

opensuse leap 15.1

canonical ubuntu linux 19.10

canonical ubuntu linux 20.04

canonical ubuntu linux 16.04

Vendor Advisories

Red Hat: Moderate: freerdp and vinagre security, bug fix, and enhancement update
Synopsis Moderate: freerdp and vinagre security, bug fix, and enhancement update Type/Severity Security Advisory: Moderate Topic An update for freerdp and vinagre is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Moderate A Common ...
Ubuntu Security Notice: freerdp2 vulnerabilities
Several security issues were fixed in FreeRDP ...
Ubuntu Security Notice: freerdp vulnerabilities
Several security issues were fixed in FreeRDP ...
Amazon Linux 2: ALAS2-2020-1516
In FreeRDP less than or equal to 200, a possible resource exhaustion vulnerability can be performed Malicious clients could trigger out of bound reads causing memory allocation with random size This has been fixed in 210 (CVE-2020-11018) In FreeRDP less than or equal to 200, when running with logger set to "WLOG_TRACE", a possible crash of ...
Arch Linux Issues:
Severity Unknown Remote Unknown Type Unknown Description AVG-1131 freerdp 1:200_rc4-8 2:200-1 Critical Fixed ...

References

CWE-125https://github.com/FreeRDP/FreeRDP/commits/masterhttps://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-9755-fphh-gmjghttps://pub.freerdp.com/cve/CVE-2020-11525/pocAnalysis_1.pdfhttps://github.com/FreeRDP/FreeRDP/pull/6019/commits/58dc36b3c883fd460199cedb6d30e58eba58298chttps://usn.ubuntu.com/4379-1/https://usn.ubuntu.com/4382-1/http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.htmlhttps://lists.debian.org/debian-lts-announce/2020/08/msg00054.htmlhttps://access.redhat.com/errata/RHSA-2020:4647https://nvd.nist.govhttps://usn.ubuntu.com/4379-1/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3400CVE-2023-7252CVE-2024-21111denial of serviceCVE-2024-29661CVE-2024-22856remote attackersencryptionCVE-2023-38299
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook