Out of bound read in ntlm_read_NegotiateMessage

Low

bmiklautz published GHSA-xh4f-fh87-43hp

May 29, 2020

Package

FreeRDP

Affected versions

<= 2.0.0

Patched versions

2.1.0

Description

Impact

OOB read in ntlm_read_NegotiateMessage
All clients, all servers using NTLM authentication
Low impact due to a following check triggering and aborting processing

Patches

8fa3835 upgrade to 2.1.0 or newer

Workarounds

None

References

https://pub.freerdp.com/cve/CVE-2020-11088