CVE-2020-11085
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2020-11085
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-11085.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2020-11085
- Downstream
- Related
- Published
- 2020-05-29T20:15:10Z
- Modified
- 2025-09-19T11:36:25.020855Z
- Severity
-
- 3.5 (Low) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L CVSS Calculator
- Summary
- [none]
- Details
-
In FreeRDP before 2.1.0, there is an out-of-bounds read in cliprdrreadformat_list. Clipboard format data read (by client or server) might read data out-of-bounds. This has been fixed in 2.1.0.
- References
Affected packages
Git / github.com/freerdp/freerdp
Affected ranges
- Type
- GIT
- Repo
- https://github.com/freerdp/freerdp
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
1.*
1.0-beta1
1.0-beta2
1.0-beta3
1.0-beta4
1.0-beta5
1.0.0
1.0.1
1.1.0-beta+2013071101
1.1.0-beta1
1.1.0-beta1+android2
1.1.0-beta1+android3
1.1.0-beta1+android4
1.1.0-beta1+android5
1.1.0-beta1+ios1
1.1.0-beta1+ios2
1.1.0-beta1+ios3
1.1.0-beta1+ios4
1.2.0-beta1+android7
1.2.0-beta1+android9
2.*
2.0.0
2.0.0-beta1+android10
2.0.0-beta1+android11
2.0.0-rc0
2.0.0-rc1
2.0.0-rc2
2.0.0-rc3
2.0.0-rc4
Database specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"71316678263115778470361329507058901950",
"63540122468191937103107350026873264224",
"311802106057008330910831195565484748179",
"88442219528543279340249984410341899042",
"236818773394248061081604530974740996276",
"188729803353912925768022284096116154610",
"293512685827824235715399093202038882692",
"303579114188168452838756809606480706429",
"179242171078527379441438291443595260482",
"302037644450793362830990252107106706781",
"146437598717710508212057032060629376952",
"235305518902367730881752776020597392161",
"50943607780670792684217141734050961231",
"123992897057392158834041219569317059238",
"40090623701415119895798417467188135203",
"286002698754695699978868173551371204746",
"302052338601759565961793481301062284411",
"277093999041538559639943319074156391720",
"277141907495603272338991899375378398784",
"142681840246704475630993268288687255286",
"80882954800859107975839822879316711483",
"242917856516449484351546313598304823768",
"90002681359153429517644005190282609344",
"270599820833287275900354347987663515905",
"69249738883686318625784588559319402728",
"140534088899720478760109524424776359714",
"6724464783301728266773941107946349830",
"68012983517036978521471149854357420895",
"190881312875784621904566973360819377987",
"290661054656205251552765610330640869365",
"236773350137408637406022177098079034092",
"161914990398887684308944318483944182596",
"28094127606236728584947771229130378881",
"261208175590299138782560971748175296319",
"198022217380900924977634518515279232974",
"143363212442148630519679484952946530092",
"1862429887198272228960351469094143062",
"320513254749327974737313484633090497241",
"61865209773854207088033365335746998841",
"85622312806252130597541212747606045509",
"242061107344308146823141931199971851084",
"154951889956189150162155649308559968549",
"333074141710635353878506192750459148821",
"42991730476459113061517562994418791933",
"73407017586669018435370851976057873903",
"274315285384316596409966189737972590473",
"253837040126099377684797670937259048718",
"134981268559330297806103413679847795898",
"43848114785217618350281904280907089912",
"156897186441098143467104864261377628438",
"13762095066347915966923166648613850754",
"98784604065071455925477951613183686823",
"178210971650513841795867552392509721741",
"239510412079081844005262062076557384060",
"97459586985064186049107643206241299674",
"109788831402041431437678269657099952938",
"112837127432810834075814414088636631573",
"82837114165069312548998727252748101455",
"140684051045228495882257140720527403055",
"29881999773071381577645871117215415039",
"65327241217629519474646358662864571792",
"242917856516449484351546313598304823768",
"90002681359153429517644005190282609344",
"270599820833287275900354347987663515905",
"69249738883686318625784588559319402728",
"140534088899720478760109524424776359714",
"237440932411539319025246595566403433322",
"237313903587175490261517822050382511294",
"40458288375686759039193567450145013751",
"13762095066347915966923166648613850754",
"98784604065071455925477951613183686823",
"283243182047922977302967365559067510904",
"166649452894050414951209799627045583941",
"233458237148110770808869733437285346947",
"264140427637266464769222973233060825673",
"155020585740210069062249668437140249077",
"279660447524612550405022729842507346376",
"86593094957984328246734838956643369060",
"114562740066795314256878973389545787428",
"137889393503785426591652500460413235763",
"196522287637891272989044520842238604457",
"87240964693278567559417378805484388620",
"160829556722421556631171694962899545382",
"299579115608152455135066254831344267687",
"18395718106416549509875697073289109413",
"338933464859641274762573489005231306344"
]
},
"signature_type": "Line",
"source": "https://github.com/freerdp/freerdp/commit/b73143cf7ee5fe4cdabcbf56908aa15d8a883821",
"target": {
"file": "channels/cliprdr/cliprdr_common.c"
},
"signature_version": "v1",
"deprecated": false,
"id": "CVE-2020-11085-2400b53d"
},
{
"digest": {
"function_hash": "126903225979021343612758508297033349238",
"length": 2709.0
},
"signature_type": "Function",
"source": "https://github.com/freerdp/freerdp/commit/b73143cf7ee5fe4cdabcbf56908aa15d8a883821",
"target": {
"file": "channels/cliprdr/cliprdr_common.c",
"function": "cliprdr_read_format_list"
},
"signature_version": "v1",
"deprecated": false,
"id": "CVE-2020-11085-3c487e8d"
},
{
"digest": {
"function_hash": "286899962749782026485367568772545424260",
"length": 252.0
},
"signature_type": "Function",
"source": "https://github.com/freerdp/freerdp/commit/b73143cf7ee5fe4cdabcbf56908aa15d8a883821",
"target": {
"file": "channels/cliprdr/cliprdr_common.c",
"function": "cliprdr_free_format_list"
},
"signature_version": "v1",
"deprecated": false,
"id": "CVE-2020-11085-53068257"
}
]
}