Unrated severityNVD Advisory· Published Jun 22, 2020· Updated Aug 4, 2024

OOB read in `TrioParse` in FreeRDP

CVE-2020-4030

Description

In FreeRDP before version 2.1.2, there is an out of bounds read in TrioParse. Logging might bypass string length checks due to an integer overflow. This is fixed in version 2.1.2.

Affected products

Freerdp/Freerdpv5
Range: < 2.1.2

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.htmlmitrevendor-advisory
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y35HBHG2INICLSGCIKNAR7GCXEHQACQ/mitrevendor-advisory
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XOZLH35OJWIQLM7FYDXAP2EAUBDXE76V/mitrevendor-advisory
usn.ubuntu.com/4481-1/mitrevendor-advisory
lists.debian.org/debian-lts-announce/2023/10/msg00008.htmlmitremailing-list
www.freerdp.com/2020/06/22/2_1_2-releasedmitre
github.com/FreeRDP/FreeRDP/commit/05cd9ea2290d23931f615c1b004d4b2e69074e27mitre
github.com/FreeRDP/FreeRDP/security/advisories/GHSA-fjr5-97f5-qq98mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000