Freerdp: >> Freerdp >> 1.2.0 Security Vulnerabilities
An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in ntlm_read_ChallengeMessage in winpr/libwinpr/sspi/NTLM/ntlm_message.c.
CVSS Score
7.1
EPSS Score
0.005
Published
2020-05-22
An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in security_fips_decrypt in libfreerdp/core/security.c due to an uninitialized value.
CVSS Score
5.5
EPSS Score
0.001
Published
2020-05-22
An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) write vulnerability has been detected in crypto_rsa_common in libfreerdp/crypto/crypto.c.
CVSS Score
8.3
EPSS Score
0.005
Published
2020-05-22
libfreerdp/codec/interleaved.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Out-of-bounds Write.
CVSS Score
6.6
EPSS Score
0.006
Published
2020-05-15
libfreerdp/cache/bitmap.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Out of bounds read.
CVSS Score
2.2
EPSS Score
0.022
Published
2020-05-15
libfreerdp/core/update.c in FreeRDP versions > 1.1 through 2.0.0-rc4 has an Out-of-bounds Read.
CVSS Score
2.2
EPSS Score
0.002
Published
2020-05-15
libfreerdp/codec/planar.c in FreeRDP version > 1.0 through 2.0.0-rc4 has an Out-of-bounds Write.
CVSS Score
6.6
EPSS Score
0.014
Published
2020-05-15
libfreerdp/gdi/gdi.c in FreeRDP > 1.0 through 2.0.0-rc4 has an Out-of-bounds Read.
CVSS Score
6.5
EPSS Score
0.01
Published
2020-05-15
libfreerdp/gdi/region.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Integer Overflow.
CVSS Score
6.6
EPSS Score
0.014
Published
2020-05-15
In FreeRDP after 1.1 and before 2.0.0, a stream out-of-bounds seek in rdp_read_font_capability_set could lead to a later out-of-bounds read. As a result, a manipulated client or server might force a disconnect due to an invalid data read. This has been fixed in 2.0.0.
CVSS Score
2.2
EPSS Score
0.001
Published
2020-05-12