Lucene search
GitHub_MCVELIST:CVE-2020-11018HistoryMay 29, 2020 - 12:00 a.m.
CVE-2020-11018 Out of bound read in cliprdr_server_receive_capabilities in FreeRDP
2020-05-2900:00:00
CWE-125
GitHub_M
www.cve.org
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
AI Score
6.8
Confidence
High
EPSS
0.001
Percentile
29.0%
In FreeRDP less than or equal to 2.0.0, a possible resource exhaustion vulnerability can be performed. Malicious clients could trigger out of bound reads causing memory allocation with random size. This has been fixed in 2.1.0.
CNA Affected
[
{
"vendor": "FreeRDP",
"product": "FreeRDP",
"versions": [
{
"version": "<= 2.0.0",
"status": "affected"
}
]
}
]Related
veracode
veracode
Denial Of Service (DoS)
2020-10-01 03:56:18
prion
prion
Design/Logic Flaw
2020-05-29 17:15:00
redhatcve
redhatcve
CVE-2020-11018
2020-06-17 14:33:38
osv
osv
CVE-2020-11018
2020-05-29 17:15:11
Moderate: freerdp and vinagre security, bug fix, and enhancement update
2020-11-03 12:23:37
Moderate: freerdp and vinagre security, bug fix, and enhancement update
2020-11-03 12:23:37
cve
cve
CVE-2020-11018
2020-05-29 17:15:11
debiancve
debiancve
CVE-2020-11018
2020-05-29 17:15:11
nvd
nvd
CVE-2020-11018
2020-05-29 17:15:11
ubuntucve
ubuntucve
CVE-2020-11018
2020-05-29 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package freerdp version 2.1.0-alt1
2020-05-13 00:00:00
nessus
nessus
FreeBSD : FreeRDP -- multiple vulnerabilities (669f3fe8-a07a-11ea-b83e-f0def1f5c5a2)
2020-06-09 00:00:00
EulerOS 2.0 SP8 : freerdp (EulerOS-SA-2022-1564)
2022-04-25 00:00:00
openvas
openvas
FreeRDP < 2.1.0 Multiple Vulnerabilities
2020-06-15 00:00:00
Huawei EulerOS: Security Advisory for freerdp (EulerOS-SA-2022-1564)
2022-04-25 00:00:00
openSUSE: Security Advisory for freerdp (openSUSE-SU-2020:1090-1)
2020-07-27 00:00:00
freebsd
freebsd
FreeRDP -- multiple vulnerabilities
2020-04-10 00:00:00
amazon
amazon
Medium: freerdp
2020-10-22 17:36:00
rocky
rocky
freerdp and vinagre security, bug fix, and enhancement update
2020-11-03 12:23:37
almalinux
almalinux
Moderate: freerdp and vinagre security, bug fix, and enhancement update
2020-11-03 12:23:37
redhat
redhat
oraclelinux
oraclelinux
freerdp and vinagre security, bug fix, and enhancement update
2020-11-10 00:00:00
freerdp security, bug fix, and enhancement update
2020-10-06 00:00:00
centos
centos
freerdp, libwinpr security update
2020-10-20 18:03:15
suse
suse
Security update for freerdp (important)
2020-07-26 00:00:00
mageia
mageia
Updated freerdp/remmina packages fix security vulnerability
2020-08-01 02:25:42
debian
debian
[SECURITY] [DLA 3606-1] freerdp2 security update
2023-10-07 18:09:17
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
AI Score
6.8
Confidence
High
EPSS
0.001
Percentile
29.0%
Related for CVELIST:CVE-2020-11018