CVE-2020-4030

Published at:
2020-06-22T22:15:13.087
Source: [email protected]

Global infos:

In FreeRDP before version 2.1.2, there is an out of bounds read in TrioParse. Logging might bypass string length checks due to an integer overflow. This is fixed in version 2.1.2.

CVE Status: Modified

References:

  • [email protected]
  • [email protected]
  • [email protected]
  • [email protected]
  • [email protected]
  • [email protected]
  • [email protected]
  • [email protected]
  • af854a3a-2127-422b-91ae-364da2661108
  • af854a3a-2127-422b-91ae-364da2661108
  • af854a3a-2127-422b-91ae-364da2661108
  • af854a3a-2127-422b-91ae-364da2661108
  • af854a3a-2127-422b-91ae-364da2661108
  • af854a3a-2127-422b-91ae-364da2661108
  • af854a3a-2127-422b-91ae-364da2661108
  • af854a3a-2127-422b-91ae-364da2661108
    •

    Metrics:

    AttributeValue
    Attack ComplexityHIGH
    Attack VectorNETWORK
    Availability ImpactNONE
    Base Score3.5
    Base SeverityLOW
    Confidentiality ImpactNONE
    Integrity ImpactLOW
    Privileges RequiredLOW
    ScopeCHANGED
    User InteractionNONE
    Vector StringCVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N
    Exploitability Score1.8
    Impact Score1.4
    Source[email protected]
    TypeSecondary

    Links:

    Exploit-db
    Github

    Most recherched CVEs
    Popular Keywords