Lucene search

K

Veracode Vulnerability DatabaseVERACODE:25573

HistoryJun 03, 2020 - 4:08 a.m.

Denial Of Service (DoS)

2020-06-0304:08:39

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

13

0.004 Low

EPSS

Percentile

75.1%

freerdp is vulnerable to denial of service (DoS). The vulnerability exists as freerdp prior to version 2.0.0-rc4 contains several Out-Of-Bounds Reads in the NTLM Authentication module that results in a Denial of Service (segfault).

CPENameOperatorVersion
freerdp:3.11eq2.0.0-r0
freerdp:3.12eq2.0.0-r0
freerdp:edgeeq2.0.0-r0
freerdp:3.11eq2.0.0-r0
freerdp:3.12eq2.0.0-r0
freerdp:edgeeq2.0.0-r0

References

www.securityfocus.com/bid/106938

github.com/FreeRDP/FreeRDP/commit/2ee663f39dc8dac3d9988e847db19b2d7e3ac8c6

lists.debian.org/debian-lts-announce/2019/02/msg00015.html

research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/

usn.ubuntu.com/3845-1/

usn.ubuntu.com/3845-2/

0.004 Low

EPSS

Percentile

75.1%

Related for VERACODE:25573

alpinelinux1 prion1 nvd1 ubuntucve1 cvelist1 cve1 osv2 redhatcve1 debiancve1 nessus8 debian1 openvas7 mageia1 ubuntu2 suse2