ALAS2-2019-1365 --- freerdp, libwinprID: oval:org.secpod.oval:def:1700277 | Date: (C)2019-11-27 (M)2023-11-13 |
Class: PATCH | Family: unix |
FreeRDP FreeRDP 2.0.0-rc3 released version before commit 205c612820dac644d665b5bb1cdf437dc5ca01e3 contains a Other/Unknown vulnerability in channels/drdynvc/client/drdynvc_main.c, drdynvc_process_capability_request that can result in The RDP server can read the client#039;s memory.. This attack appear to be exploitable via RDPClient must connect the rdp server with echo option. This vulnerability appears to have been fixed in after commit 205c612820dac644d665b5bb1cdf437dc5ca01e3