CVE-2020-11525

Name
CVE-2020-11525
Description
libfreerdp/cache/bitmap.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an out-of-bounds read.
NVD Severity
low

References

| Type | URI |
| --- | --- |
| Patch | https://github.com/FreeRDP/FreeRDP/commits/master |
| Patch | https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-9755-fphh-gmjg |
| Exploit | https://pub.freerdp.com/cve/CVE-2020-11525/pocAnalysis_1.pdf |
| Patch | https://github.com/FreeRDP/FreeRDP/pull/6019/commits/58dc36b3c883fd460199cedb6d30e58eba58298c |
| Third Party Advisory | https://usn.ubuntu.com/4379-1/ |
| UBUNTU | https://usn.ubuntu.com/4382-1/ |
| SUSE | http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html |
| MLIST | https://lists.debian.org/debian-lts-announce/2020/08/msg00054.html |

Match rules

| CPE URI | Source package | Min version | Max version |
| --- | --- | --- | --- |
| cpe:2.3:a:freerdp:freerdp:*:*:*:*:*:*:*:* | freerdp | > 1.0.0 | <= 2.0.0 |
| cpe:2.3:a:freerdp:freerdp:2.0.0:-:*:*:*:*:*:* | freerdp | == None | == 2.0.0 |

Vulnerable and fixed packages

Source package Branch Version Maintainer Status