Shodan
Vulnerabilities
Vulnerable Software
Freerdp:  >> Freerdp  >> 1.0.2  Security Vulnerabilities
CVE-2020-11039
In FreeRDP less than or equal to 2.0.0, when using a manipulated server with USB redirection enabled (nearly) arbitrary memory can be read and written due to integer overflows in length checks. This has been patched in 2.1.0.
CVSS Score
8.0
EPSS Score
0.002
Published
2020-05-29
CVE-2020-11041
In FreeRDP less than or equal to 2.0.0, an outside controlled array index is used unchecked for data used as configuration for sound backend (alsa, oss, pulse, ...). The most likely outcome is a crash of the client instance followed by no or distorted sound or a session disconnect. If a user cannot upgrade to the patched version, a workaround is to disable sound for the session. This has been patched in 2.1.0.
CVSS Score
2.2
EPSS Score
0.002
Published
2020-05-29
CVE-2020-11018
In FreeRDP less than or equal to 2.0.0, a possible resource exhaustion vulnerability can be performed. Malicious clients could trigger out of bound reads causing memory allocation with random size. This has been fixed in 2.1.0.
CVSS Score
6.5
EPSS Score
0.002
Published
2020-05-29
CVE-2020-11017
In FreeRDP less than or equal to 2.0.0, by providing manipulated input a malicious client can create a double free condition and crash the server. This is fixed in version 2.1.0.
CVSS Score
6.5
EPSS Score
0.002
Published
2020-05-29
CVE-2020-13396
An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in ntlm_read_ChallengeMessage in winpr/libwinpr/sspi/NTLM/ntlm_message.c.
CVSS Score
7.1
EPSS Score
0.005
Published
2020-05-22
CVE-2020-13397
An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in security_fips_decrypt in libfreerdp/core/security.c due to an uninitialized value.
CVSS Score
5.5
EPSS Score
0.001
Published
2020-05-22
CVE-2020-13398
An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) write vulnerability has been detected in crypto_rsa_common in libfreerdp/crypto/crypto.c.
CVSS Score
8.3
EPSS Score
0.005
Published
2020-05-22
CVE-2020-11524
libfreerdp/codec/interleaved.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Out-of-bounds Write.
CVSS Score
6.6
EPSS Score
0.006
Published
2020-05-15
CVE-2020-11525
libfreerdp/cache/bitmap.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Out of bounds read.
CVSS Score
2.2
EPSS Score
0.022
Published
2020-05-15
CVE-2020-11521
libfreerdp/codec/planar.c in FreeRDP version > 1.0 through 2.0.0-rc4 has an Out-of-bounds Write.
CVSS Score
6.6
EPSS Score
0.014
Published
2020-05-15


Products
Pricing
Contact Us

Shodan ® - All rights reserved