ALAS2-2020-1516 — Vulnetix

ALAS2-2020-1516 PUBLISHED

Affected Products

Vendor	Product	Versions
Amazon	freerdp

Exploit Intelligence

In FreeRDP less than or equal to 2.0.0, when running with logger set to "WLOG_TRACE", a possible crash of application could occur due to a read of an invalid array index. Data could be printed as string to local terminal. This has been fixed in 2.1.0. CVE project by @Sn0wAlice (github-poc-repo)
In FreeRDP less than or equal to 2.0.0, when running with logger set to "WLOG_TRACE", a possible crash of application could occur due to a read of an invalid array index. Data could be printed as string to local terminal. This has been fixed in 2.1.0. CVE project by @Sn0wAlice (github-poc)

Timeline

Oct 27, 2020 CVE Published

References

ALAS2-2020-1516: freerdp (medium) advisory

Open in Interactive Console →

$ Console Community · 100/wk Open console ›