AVG-1172 log

Package	freerdp
Status	Fixed
Severity	High
Type	information disclosure
Affected	2:2.1.0-1
Fixed	2:2.1.1-1
Current	2:3.9.0-4 [extra]
Ticket	None
Created	Sat May 23 11:58:49 2020

Issue	Severity	Remote	Type	Description
CVE-2020-13398	High	No	Information disclosure	An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) write vulnerability has been detected in crypto_rsa_common in libfreerdp/crypto/crypto.c.
CVE-2020-13397	High	No	Information disclosure	An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in security_fips_decrypt in...
CVE-2020-13396	High	No	Information disclosure	An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in ntlm_read_ChallengeMessage in...

Issue

Severity

Remote

Type

Description

CVE-2020-13398

High

Information disclosure

An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) write vulnerability has been detected in crypto_rsa_common in libfreerdp/crypto/crypto.c.

CVE-2020-13397

High

Information disclosure

An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in security_fips_decrypt in...

CVE-2020-13396

High

Information disclosure

An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in ntlm_read_ChallengeMessage in...

Date	Advisory	Package	Type
23 May 2020	ASA-202005-16	freerdp	information disclosure