Описание
In FreeRDP after 1.0 and before 2.0.0, there is a stream out-of-bounds seek in update_read_synchronize that could lead to a later out-of-bounds read.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | freerdp | Out of support scope | ||
| Red Hat Enterprise Linux 7 | freerdp | Fixed | RHSA-2020:4031 | 29.09.2020 |
| Red Hat Enterprise Linux 8 | freerdp | Fixed | RHSA-2020:4647 | 04.11.2020 |
| Red Hat Enterprise Linux 8 | vinagre | Fixed | RHSA-2020:4647 | 04.11.2020 |
Показывать по
10
Дополнительная информация
Статус:
Low
Дефект:
CWE-119->CWE-125
https://bugzilla.redhat.com/show_bug.cgi?id=1835403freerdp: out of bounds seek in update_read_synchronize function could lead out of bounds read
EPSS
Процентиль: 32%
0.00124
Низкий
2.2 Low
CVSS3
Связанные уязвимости
CVSS3: 5.5
ubuntu
больше 5 лет назад
In FreeRDP after 1.0 and before 2.0.0, there is a stream out-of-bounds seek in update_read_synchronize that could lead to a later out-of-bounds read.
CVSS3: 5.5
nvd
больше 5 лет назад
In FreeRDP after 1.0 and before 2.0.0, there is a stream out-of-bounds seek in update_read_synchronize that could lead to a later out-of-bounds read.
CVSS3: 5.5
debian
больше 5 лет назад
In FreeRDP after 1.0 and before 2.0.0, there is a stream out-of-bounds ...
rocky
около 5 лет назад
Moderate: freerdp and vinagre security, bug fix, and enhancement update
oracle-oval
около 5 лет назад
ELSA-2020-4647: freerdp and vinagre security, bug fix, and enhancement update (MODERATE)
EPSS
Процентиль: 32%
0.00124
Низкий
2.2 Low
CVSS3