Freerdp: >> Freerdp Security Vulnerabilities
In FreeRDP less than or equal to 2.0.0, by providing manipulated input a malicious client can create a double free condition and crash the server. This is fixed in version 2.1.0.
CVSS Score
6.5
EPSS Score
0.002
Published
2020-05-29
An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in ntlm_read_ChallengeMessage in winpr/libwinpr/sspi/NTLM/ntlm_message.c.
CVSS Score
7.1
EPSS Score
0.005
Published
2020-05-22
An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in security_fips_decrypt in libfreerdp/core/security.c due to an uninitialized value.
CVSS Score
5.5
EPSS Score
0.001
Published
2020-05-22
An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) write vulnerability has been detected in crypto_rsa_common in libfreerdp/crypto/crypto.c.
CVSS Score
8.3
EPSS Score
0.005
Published
2020-05-22
libfreerdp/codec/interleaved.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Out-of-bounds Write.
CVSS Score
6.6
EPSS Score
0.006
Published
2020-05-15
libfreerdp/cache/bitmap.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Out of bounds read.
CVSS Score
2.2
EPSS Score
0.022
Published
2020-05-15
libfreerdp/core/update.c in FreeRDP versions > 1.1 through 2.0.0-rc4 has an Out-of-bounds Read.
CVSS Score
2.2
EPSS Score
0.002
Published
2020-05-15
libfreerdp/codec/planar.c in FreeRDP version > 1.0 through 2.0.0-rc4 has an Out-of-bounds Write.
CVSS Score
6.6
EPSS Score
0.014
Published
2020-05-15
libfreerdp/gdi/gdi.c in FreeRDP > 1.0 through 2.0.0-rc4 has an Out-of-bounds Read.
CVSS Score
6.5
EPSS Score
0.01
Published
2020-05-15
libfreerdp/gdi/region.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Integer Overflow.
CVSS Score
6.6
EPSS Score
0.014
Published
2020-05-15