Vulnerability Name: | CVE-2020-11045 (CCN-181642) |
Assigned: | 2020-03-30 |
Published: | 2020-03-30 |
Updated: | 2022-07-01 |
Summary: | In FreeRDP after 1.0 and before 2.0.0, there is an out-of-bound read in in update_read_bitmap_data that allows client memory to be read to an image buffer. The result displayed on screen as colour. |
CVSS v3 Severity: | 3.3 Low (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:L) 2.9 Low (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:L/E:U/RL:O/RC:C)Exploitability Metrics: | Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): High User Interaction (UI): None | Scope: | Scope (S): Unchanged
| Impact Metrics: | Confidentiality (C): Low Integrity (I): None Availibility (A): Low | 3.3 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N) 2.9 Low (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C)Exploitability Metrics: | Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): Required | Scope: | Scope (S): Unchanged
| Impact Metrics: | Confidentiality (C): Low Integrity (I): None Availibility (A): None | 3.3 Low (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:L) 2.9 Low (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:L/E:U/RL:O/RC:C)Exploitability Metrics: | Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): High User Interaction (UI): None | Scope: | Scope (S): Unchanged
| Impact Metrics: | Confidentiality (C): Low Integrity (I): None Availibility (A): Low |
|
CVSS v2 Severity: | 4.9 Medium (CVSS v2 Vector: AV:N/AC:M/Au:S/C:P/I:N/A:P)Exploitability Metrics: | Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): Single_Instance | Impact Metrics: | Confidentiality (C): Partial Integrity (I): None Availibility (A): Partial | 1.7 Low (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:P/I:N/A:N)Exploitability Metrics: | Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): Single_Instance
| Impact Metrics: | Confidentiality (C): Partial Integrity (I): None Availibility (A): None |
|
Vulnerability Type: | CWE-125
|
Vulnerability Consequences: | Obtain Information |
References: | Source: MITRE Type: CNA CVE-2020-11045
Source: XF Type: UNKNOWN freerdp-cve202011045-info-disc(181642)
Source: MISC Type: Patch, Third Party Advisory https://github.com/FreeRDP/FreeRDP/commit/f8890a645c221823ac133dbf991f8a65ae50d637
Source: CCN Type: FreeRDP GIT Repository memory out of bounds read in update_read_bitmap_data #6005
Source: MISC Type: Exploit, Third Party Advisory https://github.com/FreeRDP/FreeRDP/issues/6005
Source: CONFIRM Type: Third Party Advisory https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-3x39-248q-f4q6
Source: MLIST Type: Third Party Advisory [debian-lts-announce] 20200829 [SECURITY] [DLA 2356-1] freerdp security update
Source: UBUNTU Type: Third Party Advisory USN-4379-1
Source: UBUNTU Type: Third Party Advisory USN-4382-1
Source: CCN Type: WhiteSource Vulnerability Database CVE-2020-11045
|
Vulnerable Configuration: | Configuration 1: cpe:/a:freerdp:freerdp:*:*:*:*:*:*:*:* (Version >= 1.1.0 and < 2.0.0) Configuration 2: cpe:/o:debian:debian_linux:9.0:*:*:*:*:*:*:* Configuration 3: cpe:/o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*OR cpe:/o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*OR cpe:/o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*OR cpe:/o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:* Configuration RedHat 1: cpe:/o:redhat:enterprise_linux:7:*:*:*:*:*:*:* Configuration RedHat 2: cpe:/o:redhat:enterprise_linux:7::client:*:*:*:*:* Configuration RedHat 3: cpe:/o:redhat:enterprise_linux:7::server:*:*:*:*:* Configuration RedHat 4: cpe:/o:redhat:enterprise_linux:7::workstation:*:*:*:*:* Configuration RedHat 5: cpe:/a:redhat:enterprise_linux:8:*:*:*:*:*:*:* Configuration RedHat 6: cpe:/a:redhat:enterprise_linux:8::appstream:*:*:*:*:* Configuration RedHat 7: cpe:/a:redhat:enterprise_linux:8::crb:*:*:*:*:* Configuration CCN 1: cpe:/a:freerdp:freerdp:2.0.0:rc4:*:*:*:*:*:*
Denotes that component is vulnerable |
Oval Definitions |
|
BACK |