Описание
In FreeRDP after 1.0 and before 2.0.0, there is a stream out-of-bounds seek in update_read_synchronize that could lead to a later out-of-bounds read.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | freerdp | Out of support scope | ||
| Red Hat Enterprise Linux 7 | freerdp | Fixed | RHSA-2020:4031 | 29.09.2020 |
| Red Hat Enterprise Linux 8 | freerdp | Fixed | RHSA-2020:4647 | 04.11.2020 |
| Red Hat Enterprise Linux 8 | vinagre | Fixed | RHSA-2020:4647 | 04.11.2020 |
Показывать по
10
Дополнительная информация
Статус:
Low
Дефект:
CWE-119->CWE-125
https://bugzilla.redhat.com/show_bug.cgi?id=1835403freerdp: out of bounds seek in update_read_synchronize function could lead out of bounds read
2.2 Low
CVSS3
Связанные уязвимости
CVSS3: 5.5
ubuntu
около 5 лет назад
In FreeRDP after 1.0 and before 2.0.0, there is a stream out-of-bounds seek in update_read_synchronize that could lead to a later out-of-bounds read.
CVSS3: 5.5
nvd
около 5 лет назад
In FreeRDP after 1.0 and before 2.0.0, there is a stream out-of-bounds seek in update_read_synchronize that could lead to a later out-of-bounds read.
CVSS3: 5.5
debian
около 5 лет назад
In FreeRDP after 1.0 and before 2.0.0, there is a stream out-of-bounds ...
rocky
больше 4 лет назад
Moderate: freerdp and vinagre security, bug fix, and enhancement update
oracle-oval
больше 4 лет назад
ELSA-2020-4647: freerdp and vinagre security, bug fix, and enhancement update (MODERATE)
2.2 Low
CVSS3