Merge document vulnerabilities fixed in 1.2.0.

_security/CVE-2020-9497.md

@@ -0,0 +1,14 @@
+---
+title: Improper input validation of RDP static virtual channels
+cve:   CVE-2020-9497
+fixed: 1.2.0
+---
+
+Apache Guacamole 1.1.0 and older do not properly validate data received from
+RDP servers via static virtual channels. If a user connects to a malicious or
+compromised RDP server, specially-crafted PDUs could result in disclosure of
+information within the memory of the guacd process handling the connection.
+
+Acknowledgements: We would like to thank the GitHub Security Lab and Eyal Itkin
+(Check Point Research) for reporting this issue.
+

_security/CVE-2020-9498.md

@@ -0,0 +1,15 @@
+---
+title: Dangling pointer in RDP static virtual channel handling
+cve:   CVE-2020-9498
+fixed: 1.2.0
+---
+
+Apache Guacamole 1.1.0 and older may mishandle pointers involved in processing
+data received via RDP static virtual channels. If a user connects to a
+malicious or compromised RDP server, a series of specially-crafted PDUs could
+result in memory corruption, possibly allowing arbitrary code to be executed
+with the privileges of the running guacd process.
+
+Acknowledgements: We would like to thank Eyal Itkin (Check Point Research) for
+reporting this issue.
+