AVG-1131

Package freerdp
Status Fixed
Severity Critical
Type multiple issues
Affected 1:2.0.0_rc4-8
Fixed 2:2.0.0-1
Current 2:3.9.0-4 [extra]
Ticket None
Created Fri Apr 10 14:19:27 2020
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2020-11526 | High | Yes | Information disclosure | An out-of-bounds read issue has been found in FreeRDP before 2.0.0. |
| CVE-2020-11525 | High | Yes | Information disclosure | An out-of-bounds read issue has been found in FreeRDP before 2.0.0. |
| CVE-2020-11524 | High | Yes | Arbitrary code execution | An out-of-bounds write issue has been found in the RLEDECOMPRESS function of FreeRDP before 2.0.0. |
| CVE-2020-11523 | Low | Yes | Information disclosure | An integer overflow issue has been found in FreeRDP before 2.0.0. |
| CVE-2020-11522 | Low | Yes | Information disclosure | An out-of-bounds read has been found in the gdi_multi_opaque_rect function of FreeRDP before 2.0.0. |
| CVE-2020-11521 | Critical | Yes | Arbitrary code execution | An out-of-bounds write has been found in FreeRDP before 2.0.0, in the planar_skip_plane_rle function. |
| CVE-2020-11049 | Low | Yes | Information disclosure | An out-of-bounds read has been found in FreeRDP before 2.0.0. |
| CVE-2020-11048 | Low | Yes | Information disclosure | An out-of-bounds read has been found in FreeRDP before 2.0.0. |
| CVE-2020-11047 | Medium | Yes | Information disclosure | An information disclosure issue has been found in FreeRDP before 2.0.0. |
| CVE-2020-11046 | Low | Yes | Denial of service | An out-of-bounds read has been found in FreeRDP before 2.0.0. |
| CVE-2020-11045 | Low | Yes | Information disclosure | An out-of-bounds read has been found in FreeRDP before 2.0.0. |
| CVE-2020-11044 | Low | Yes | Denial of service | A double-free issue has been found in FreeRDP before 2.0.0. |
| CVE-2020-11042 | High | Yes | Information disclosure | An out-of-bounds read issue has been found in FreeRDP before 2.0.0, allowing an attacker to read a defined amount of client memory (32bit unsigned -> 4GB)... |

References
https://github.com/FreeRDP/FreeRDP/blob/2.0.0/ChangeLog#L5