Security Advisory

CVE-2020-11042

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-05-07 00:00:00

Last updated 2024-08-04 11:21:14

Assigner GitHub_M

State PUBLISHED

Description

In FreeRDP greater than 1.1 and before 2.0.0, there is an out-of-bounds read in update_read_icon_info. It allows reading a attacker-defined amount of client memory (32bit unsigned -> 4GB) to an intermediate buffer. This can be used to crash the client or store information for later retrieval. This has been patched in 2.0.0.

← Browse all CVEs View on cve.org ↗