Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Freerdp
(Freerdp)| Repositories |
• https://github.com/FreeRDP/FreeRDP
• https://github.com/sidhpurwala-huzaifa/FreeRDP |
| #Vulnerabilities | 92 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-05-29 | CVE-2020-11087 | In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_AuthenticateMessage. This has been fixed in 2.1.0. | Debian_linux, Freerdp, Leap | 5.4 | ||
| 2020-05-29 | CVE-2020-11086 | In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_ntlm_v2_client_challenge that reads up to 28 bytes out-of-bound to an internal structure. This has been fixed in 2.1.0. | Debian_linux, Freerdp, Leap | 5.4 | ||
| 2020-05-29 | CVE-2020-11088 | In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_NegotiateMessage. This has been fixed in 2.1.0. | Debian_linux, Freerdp, Leap | 5.4 | ||
| 2020-05-29 | CVE-2020-11089 | In FreeRDP before 2.1.0, there is an out-of-bound read in irp functions (parallel_process_irp_create, serial_process_irp_create, drive_process_irp_write, printer_process_irp_write, rdpei_recv_pdu, serial_process_irp_write). This has been fixed in 2.1.0. | Debian_linux, Freerdp, Leap | 5.5 | ||
| 2020-05-15 | CVE-2020-11522 | libfreerdp/gdi/gdi.c in FreeRDP > 1.0 through 2.0.0-rc4 has an Out-of-bounds Read. | Ubuntu_linux, Debian_linux, Freerdp, Leap | 6.5 | ||
| 2020-05-15 | CVE-2020-11523 | libfreerdp/gdi/region.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Integer Overflow. | Ubuntu_linux, Debian_linux, Freerdp, Leap | 6.6 | ||
| 2020-05-15 | CVE-2020-11524 | libfreerdp/codec/interleaved.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Out-of-bounds Write. | Ubuntu_linux, Freerdp, Leap | 6.6 | ||
| 2020-05-15 | CVE-2020-11525 | libfreerdp/cache/bitmap.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Out of bounds read. | Ubuntu_linux, Debian_linux, Freerdp, Leap | 2.2 | ||
| 2018-04-24 | CVE-2017-2834 | An exploitable code execution vulnerability exists in the authentication functionality of FreeRDP 2.0.0-beta1+android11. A specially crafted server response can cause an out-of-bounds write resulting in an exploitable condition. An attacker can compromise the server or use a man in the middle attack to trigger this vulnerability. | Debian_linux, Freerdp | 7.0 | ||
| 2018-04-24 | CVE-2017-2835 | An exploitable code execution vulnerability exists in the RDP receive functionality of FreeRDP 2.0.0-beta1+android11. A specially crafted server response can cause an out-of-bounds write resulting in an exploitable condition. An attacker can compromise the server or use a man in the middle to trigger this vulnerability. | Debian_linux, Freerdp | 8.1 |