CVE-2020-11018
Description
In FreeRDP less than or equal to 2.0.0, a possible resource exhaustion vulnerability can be performed. Malicious clients could trigger out of bound reads causing memory allocation with random size. This has been fixed in 2.1.0.
Risk Information
Base Score
6.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.222
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| (RHSA-2020:4031) freerdp security, bug fix, and enhancement update freerdp-2.1.1-2.el7.x86_64.rpm | Linux |
| (RHSA-2020:4031) freerdp security, bug fix, and enhancement update freerdp-devel-2.1.1-2.el7.i686.rpm | Linux |
| (RHSA-2020:4031) freerdp security, bug fix, and enhancement update freerdp-devel-2.1.1-2.el7.x86_64.rpm | Linux |
| (RHSA-2020:4031) freerdp security, bug fix, and enhancement update freerdp-libs-2.1.1-2.el7.i686.rpm | Linux |
| (RHSA-2020:4031) freerdp security, bug fix, and enhancement update freerdp-libs-2.1.1-2.el7.x86_64.rpm | Linux |
| (RHSA-2020:4031) freerdp security, bug fix, and enhancement update libwinpr-2.1.1-2.el7.i686.rpm | Linux |
| (RHSA-2020:4031) freerdp security, bug fix, and enhancement update libwinpr-2.1.1-2.el7.x86_64.rpm | Linux |
| (RHSA-2020:4031) freerdp security, bug fix, and enhancement update libwinpr-devel-2.1.1-2.el7.i686.rpm | Linux |
| (RHSA-2020:4031) freerdp security, bug fix, and enhancement update libwinpr-devel-2.1.1-2.el7.x86_64.rpm | Linux |
| (CESA-2020:4031) freerdp security, bug fix, and enhancement update freerdp-devel-2.1.1-2.el7.i686.rpm | Linux |
| (CESA-2020:4031) freerdp security, bug fix, and enhancement update freerdp-libs-2.1.1-2.el7.i686.rpm | Linux |
| (CESA-2020:4031) freerdp security, bug fix, and enhancement update libwinpr-2.1.1-2.el7.i686.rpm | Linux |
| (CESA-2020:4031) freerdp security, bug fix, and enhancement update libwinpr-devel-2.1.1-2.el7.i686.rpm | Linux |
| (CESA-2020:4031) freerdp security, bug fix, and enhancement update freerdp-2.1.1-2.el7.x86_64.rpm | Linux |
| (CESA-2020:4031) freerdp security, bug fix, and enhancement update freerdp-devel-2.1.1-2.el7.x86_64.rpm | Linux |
| (CESA-2020:4031) freerdp security, bug fix, and enhancement update freerdp-libs-2.1.1-2.el7.x86_64.rpm | Linux |
| (CESA-2020:4031) freerdp security, bug fix, and enhancement update libwinpr-2.1.1-2.el7.x86_64.rpm | Linux |
| (CESA-2020:4031) freerdp security, bug fix, and enhancement update libwinpr-devel-2.1.1-2.el7.x86_64.rpm | Linux |
| freerdp and vinagre security, bug fix, and enhancement update (RLSA-2020:4647) vinagre-3.22.0-23.el8.x86_64.rpm | Linux |
| Freerdp update (ELSA-2020-4647) freerdp-2.1.1-1.el8.x86_64.rpm | Linux |
| Freerdp-libs update (ELSA-2020-4647) freerdp-libs-2.1.1-1.el8.i686.rpm | Linux |
| Freerdp-libs update (ELSA-2020-4647) freerdp-libs-2.1.1-1.el8.x86_64.rpm | Linux |
| Libwinpr update (ELSA-2020-4647) libwinpr-2.1.1-1.el8.i686.rpm | Linux |
| Libwinpr update (ELSA-2020-4647) libwinpr-2.1.1-1.el8.x86_64.rpm | Linux |
| Libwinpr-devel update (ELSA-2020-4647) libwinpr-devel-2.1.1-1.el8.i686.rpm | Linux |
| Libwinpr-devel update (ELSA-2020-4647) libwinpr-devel-2.1.1-1.el8.x86_64.rpm | Linux |
| Vinagre update (ELSA-2020-4647) vinagre-3.22.0-23.el8.x86_64.rpm | Linux |
| Moderate: freerdp and vinagre security, bug fix, and enhancement update vinagre-3.22.0-23.el8.x86_64.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234