QwikSec

Security Database

CVE

CWE

Training

CVE-2020-11042

Published: May 7, 2020

Modified: Aug 4, 2024

PUBLISHED

CVSS v3.1

5.5

MEDIUM

Description

In FreeRDP greater than 1.1 and before 2.0.0, there is an out-of-bounds read in update_read_icon_info. It allows reading a attacker-defined amount of client memory (32bit unsigned -> 4GB) to an intermediate buffer. This can be used to crash the client or store information for later retrieval. This has been patched in 2.0.0.

Vendor	Product	Versions
FreeRDP	FreeRDP	affected `> 1.1, < 2.0.0`

Weaknesses (CWE)

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L

Attack Vector

Network

Attack Complexity

High

Privileges Required

High

User Interaction

None

Scope

Changed

Confidentiality

Low

Integrity

Low

Availability

Low

References

https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-9jp6-5vf2-cx2q

https://github.com/FreeRDP/FreeRDP/issues/6010

https://github.com/FreeRDP/FreeRDP/commit/6b2bc41935e53b0034fe5948aeeab4f32e80f30f

vendor-advisory

vendor-advisory

[debian-lts-announce] 20200829 [SECURITY] [DLA 2356-1] freerdp security update

mailing-list

[debian-lts-announce] 20231007 [SECURITY] [DLA 3606-1] freerdp2 security update

mailing-list

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.