freerdp: out-of-bounds read in autodetect_recv_bandwidth_measure_results function

In FreeRDP after 1.1 and before 2.0.0, there is an out-of-bounds read in autodetectrecvbandwidthmeasureresults. A malicious server can extract up to 8 bytes of client memory with a manipulated message by providing a short input and reading the measurement result data. This has been patched in 2.0...

PT-2020-6920 · Freerdp +6 · Freerdp +6

Name of the Vulnerable Software and Affected Versions: FreeRDP versions 1.1 through 1.9 Description: The issue is related to an out-of-bounds read in the autodetect recv bandwidth measure results function. A malicious server can extract up to 8 bytes of client memory with a manipulated message by...