MiracleLinux 7 : freerdp-2.0.0-4.rc4.el7 (AXSA:2020-105:02)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-105:02 advisory. freerdp: Out-of-bounds write in planar.c CVE-2020-11521 freerdp: Integer overflow in region.c CVE-2020-11523 freerdp: Out-of-bounds write in...

freerdp security update

2.0.0-4.rc4 - CVE-2020-11521: Fix out-of-bounds write in planar.c 1837621 - CVE-2020-11523: Fix integer overflow in region.c 1837622 - CVE-2020-11524: Fix out-of-bounds write in interleaved.c 1837623...

freerdp security update

2:2.0.0-46.rc4.1 - CVE-2020-11521: Fix out-of-bounds write in planar.c 1837632 - CVE-2020-11523: Fix integer overflow in region.c 1837633 - CVE-2020-11524: Fix out-of-bounds write in interleaved.c 1837631...

Arbitrary Code Execution

freerdp is vulnerable to arbitrary code execution. An out-of-bounds write in interleaved.c allows an attacker to execute arbitrary code on the system...

freerdp: Out-of-bounds write in interleaved.c

A flaw was found in FreeRDP between versions 1.0 and 2.0.0. An out-of-bounds memory write was found in the interleaved.c function which could allow an attacker to take over and control the RDP server, including data sent to the client. The highest threat from this vulnerability is to data...