You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Memory out of bounds read in autodetect_recv_bandwidth_measure_results
Moderate
bmiklautz
published
GHSA-9fw6-m2q8-h5pwMay 6, 2020
Package
freerdp
Affected versions
> 1.1
Patched versions
2.0.0
Description
Impact
All FreeRDP clients, all platforms
Out of bounds read.
A malicious server can extract up to 8 bytes of client memory with a manipulated message by providing a short input and reading the measurement result data.
Impact
Out of bounds read.
A malicious server can extract up to 8 bytes of client memory with a manipulated message by providing a short input and reading the measurement result data.
Patches
Fixed with commit f5e73cc
Workarounds
None
References
#6009