Max CVSS | 6.4 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2020-11096 | 6.4 |
In FreeRDP before version 2.1.2, there is a global OOB read in update_read_cache_bitmap_v3_order. As a workaround, one can disable bitmap cache with -bitmap-cache (default). This is fixed in version 2.1.2.
|
20-10-2023 - 19:38 | 22-06-2020 - 22:15 | |
CVE-2020-11095 | 5.5 |
In FreeRDP before version 2.1.2, an out of bound reads occurs resulting in accessing a memory location that is outside of the boundaries of the static array PRIMARY_DRAWING_ORDER_FIELD_BYTES. This is fixed in version 2.1.2.
|
20-10-2023 - 19:38 | 22-06-2020 - 22:15 | |
CVE-2020-11097 | 5.5 |
In FreeRDP before version 2.1.2, an out of bounds read occurs resulting in accessing a memory location that is outside of the boundaries of the static array PRIMARY_DRAWING_ORDER_FIELD_BYTES. This is fixed in version 2.1.2.
|
20-10-2023 - 19:38 | 22-06-2020 - 22:15 | |
CVE-2020-4031 | 4.3 |
In FreeRDP before version 2.1.2, there is a use-after-free in gdi_SelectObject. All FreeRDP clients using compatibility mode with /relax-order-checks are affected. This is fixed in version 2.1.2.
|
20-10-2023 - 19:27 | 22-06-2020 - 22:15 | |
CVE-2020-4030 | 6.4 |
In FreeRDP before version 2.1.2, there is an out of bounds read in TrioParse. Logging might bypass string length checks due to an integer overflow. This is fixed in version 2.1.2.
|
20-10-2023 - 19:27 | 22-06-2020 - 22:15 | |
CVE-2020-4032 | 4.3 |
In FreeRDP before version 2.1.2, there is an integer casting vulnerability in update_recv_secondary_order. All clients with +glyph-cache /relax-order-checks are affected. This is fixed in version 2.1.2.
|
20-10-2023 - 19:27 | 22-06-2020 - 22:15 | |
CVE-2020-11099 | 6.4 |
In FreeRDP before version 2.1.2, there is an out of bounds read in license_read_new_or_upgrade_license_packet. A manipulated license packet can lead to out of bound reads to an internal buffer. This is fixed in version 2.1.2.
|
20-10-2023 - 19:27 | 22-06-2020 - 22:15 | |
CVE-2020-11098 | 5.8 |
In FreeRDP before version 2.1.2, there is an out-of-bound read in glyph_cache_put. This affects all FreeRDP clients with `+glyph-cache` option enabled This is fixed in version 2.1.2.
|
20-10-2023 - 19:27 | 22-06-2020 - 22:15 | |
CVE-2020-4033 | 6.4 |
In FreeRDP before version 2.1.2, there is an out of bounds read in RLEDECOMPRESS. All FreeRDP based clients with sessions with color depth < 32 are affected. This is fixed in version 2.1.2.
|
20-10-2023 - 19:26 | 22-06-2020 - 22:15 |