CVE-2020-11088

Опубликовано: 29 мая 2020

Источник: redhat

CVSS3: 5.4

EPSS Низкий

Описание

In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_NegotiateMessage. This has been fixed in 2.1.0.

Меры по смягчению последствий

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 6	freerdp	Out of support scope
Red Hat Enterprise Linux 7	freerdp	Fixed	RHSA-2020:4031	29.09.2020
Red Hat Enterprise Linux 8	freerdp	Fixed	RHSA-2020:4647	04.11.2020
Red Hat Enterprise Linux 8	vinagre	Fixed	RHSA-2020:4647	04.11.2020

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-125

https://bugzilla.redhat.com/show_bug.cgi?id=1844177freerdp: out-of-bounds read in ntlm_read_NegotiateMessage

EPSS

Процентиль: 42%

0.0019

Низкий

5.4 Medium

CVSS3

Связанные уязвимости

CVE-2020-11088

CVSS3: 3.1

ubuntu

около 5 лет назад

In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_NegotiateMessage. This has been fixed in 2.1.0.

CVE-2020-11088

CVSS3: 3.1

nvd

около 5 лет назад

In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_NegotiateMessage. This has been fixed in 2.1.0.

CVE-2020-11088

CVSS3: 3.1

debian

около 5 лет назад

In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read ...

RLSA-2020:4647

rocky

больше 4 лет назад

Moderate: freerdp and vinagre security, bug fix, and enhancement update

ELSA-2020-4647

oracle-oval

больше 4 лет назад

ELSA-2020-4647: freerdp and vinagre security, bug fix, and enhancement update (MODERATE)

EPSS

Процентиль: 42%

0.0019

Низкий

5.4 Medium

CVSS3