5.5
CVSSv2

CVE-2020-13396

Published: 22/05/2020 Updated: 01/06/2020
CVSS v2 Base Score: 5.5 | Impact Score: 4.9 | Exploitability Score: 8
Vector: AV:N/AC:L/Au:S/C:P/I:N/A:P

Vulnerability Summary

An issue exists in FreeRDP prior to 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in ntlm_read_ChallengeMessage in winpr/libwinpr/sspi/NTLM/ntlm_message.c.

Vulnerability Trend

Affected Products

Vendor Product Versions
FreerdpFreerdp1.0.0, 1.0.1, 1.0.2, 1.1.0, 1.2.0, 2.0.0, 2.1.0

Vendor Advisories

An issue was discovered in FreeRDP before 211 An out-of-bounds (OOB) read vulnerability has been detected in ntlm_read_ChallengeMessage in winpr/libwinpr/sspi/NTLM/ntlm_messagec ...
Arch Linux Security Advisory ASA-202005-16 ========================================== Severity: High Date : 2020-05-23 CVE-ID : CVE-2020-13396 CVE-2020-13397 CVE-2020-13398 Package : freerdp Type : information disclosure Remote : No Link : securityarchlinuxorg/AVG-1172 Summary ======= The package freerdp before version 2:21 ...
Several security issues were fixed in FreeRDP ...