Vulnerabilities > CVE-2020-11087
Attack vector
NETWORK Attack complexity
LOW Privileges required
LOW Confidentiality impact
LOW Integrity impact
NONE Availability impact
LOW Summary
In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_AuthenticateMessage. This has been fixed in 2.1.0.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 24 | |
OS | 1 | |
OS | 1 |
References
- http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html
- https://github.com/FreeRDP/FreeRDP/commit/8241ab42fdf0cc89cf69fc574bf6360c9977a0d4
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-84vj-g73m-chw7
- https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html
- http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html
- https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-84vj-g73m-chw7
- https://github.com/FreeRDP/FreeRDP/commit/8241ab42fdf0cc89cf69fc574bf6360c9977a0d4