Svi
Pretraži prema proizvođaču
Pretraži prema CWE oznaci
O usluzi
Pretplate
Jezik
hr
en
CVE-2020-4030 - CERT CVE
CVE-2020-4030
ID
CVE-2020-4030
Sažetak
In FreeRDP before version 2.1.2, there is an out of bounds read in TrioParse. Logging might bypass string length checks due to an integer overflow. This is fixed in version 2.1.2.
Reference
http://www.freerdp.com/2020/06/22/2_1_2-released
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-fjr5-97f5-qq98
https://github.com/FreeRDP/FreeRDP/commit/05cd9ea2290d23931f615c1b004d4b2e69074e27
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html
https://usn.ubuntu.com/4481-1/
https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y35HBHG2INICLSGCIKNAR7GCXEHQACQ/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XOZLH35OJWIQLM7FYDXAP2EAUBDXE76V/
CVSS
Base:
6.4
Impact:
4.9
Exploitability:
10.0
Pristup
Vektor
Složenost
Autentikacija
NETWORK
LOW
NONE
Impact
Povjerljivost
Cjelovitost
Dostupnost
PARTIAL
NONE
PARTIAL
CVSS vektor
AV:N/AC:L/Au:N/C:P/I:N/A:P
Zadnje važnije ažuriranje
07-11-2023 - 03:23
Objavljeno
22-06-2020 - 22:15