CVE-2020-11099
22.06.2020, 22:15
In FreeRDP before version 2.1.2, there is an out of bounds read in license_read_new_or_upgrade_license_packet. A manipulated license packet can lead to out of bound reads to an internal buffer. This is fixed in version 2.1.2.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| freerdp | freerdp | 𝑥 < 2.1.2 |
| opensuse | leap | 15.1 |
| canonical | ubuntu_linux | 18.04 |
| canonical | ubuntu_linux | 20.04 |
| debian | debian_linux | 10.0 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
openSUSE / SLES Releases
openSUSE Product | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| freerdp |
| ||||||||||||||||||||||||||||||||
| freerdp-devel |
| ||||||||||||||||||||||||||||||||
| freerdp-proxy |
| ||||||||||||||||||||||||||||||||
| libfreerdp2 |
| ||||||||||||||||||||||||||||||||
| libwinpr2 |
| ||||||||||||||||||||||||||||||||
| winpr2-devel |
|
Red Hat Enterprise Linux Releases
Common Weakness Enumeration
References