Skip to content

OOB read in ntlm_av_pair_get

Low
akallabeth published GHSA-c8x2-c3c9-9r3f Jun 22, 2020

Package

FreeRDP

Affected versions

<= 2.1.1

Patched versions

2.1.2

Description

Impact

  • All clients and servers
  • OOB reads occurs resulting in accessing a memory location that is outside of the boundaries of the static array PRIMARY_DRAWING_ORDER_FIELD_BYTES

Patches

Workarounds

None

References

GHSL-2020-104

Severity

Low

CVE ID

CVE-2020-11097

Weaknesses

No CWEs