CVE-2020-11085

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2020-11085
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-11085.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2020-11085
Downstream
Related
Published
2020-05-29T20:15:10Z
Modified
2025-09-19T11:36:25.020855Z
Severity
  • 3.5 (Low) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L CVSS Calculator
Summary
[none]
Details

In FreeRDP before 2.1.0, there is an out-of-bounds read in cliprdrreadformat_list. Clipboard format data read (by client or server) might read data out-of-bounds. This has been fixed in 2.1.0.

References

Affected packages

Git / github.com/freerdp/freerdp

Affected ranges

Type
GIT
Repo
https://github.com/freerdp/freerdp
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
b73143cf7ee5fe4cdabcbf56908aa15d8a883821

Affected versions

1.*

1.0-beta1
1.0-beta2
1.0-beta3
1.0-beta4
1.0-beta5
1.0.0
1.0.1
1.1.0-beta+2013071101
1.1.0-beta1
1.1.0-beta1+android2
1.1.0-beta1+android3
1.1.0-beta1+android4
1.1.0-beta1+android5
1.1.0-beta1+ios1
1.1.0-beta1+ios2
1.1.0-beta1+ios3
1.1.0-beta1+ios4
1.2.0-beta1+android7
1.2.0-beta1+android9

2.*

2.0.0
2.0.0-beta1+android10
2.0.0-beta1+android11
2.0.0-rc0
2.0.0-rc1
2.0.0-rc2
2.0.0-rc3
2.0.0-rc4

Database specific 

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "71316678263115778470361329507058901950",
                    "63540122468191937103107350026873264224",
                    "311802106057008330910831195565484748179",
                    "88442219528543279340249984410341899042",
                    "236818773394248061081604530974740996276",
                    "188729803353912925768022284096116154610",
                    "293512685827824235715399093202038882692",
                    "303579114188168452838756809606480706429",
                    "179242171078527379441438291443595260482",
                    "302037644450793362830990252107106706781",
                    "146437598717710508212057032060629376952",
                    "235305518902367730881752776020597392161",
                    "50943607780670792684217141734050961231",
                    "123992897057392158834041219569317059238",
                    "40090623701415119895798417467188135203",
                    "286002698754695699978868173551371204746",
                    "302052338601759565961793481301062284411",
                    "277093999041538559639943319074156391720",
                    "277141907495603272338991899375378398784",
                    "142681840246704475630993268288687255286",
                    "80882954800859107975839822879316711483",
                    "242917856516449484351546313598304823768",
                    "90002681359153429517644005190282609344",
                    "270599820833287275900354347987663515905",
                    "69249738883686318625784588559319402728",
                    "140534088899720478760109524424776359714",
                    "6724464783301728266773941107946349830",
                    "68012983517036978521471149854357420895",
                    "190881312875784621904566973360819377987",
                    "290661054656205251552765610330640869365",
                    "236773350137408637406022177098079034092",
                    "161914990398887684308944318483944182596",
                    "28094127606236728584947771229130378881",
                    "261208175590299138782560971748175296319",
                    "198022217380900924977634518515279232974",
                    "143363212442148630519679484952946530092",
                    "1862429887198272228960351469094143062",
                    "320513254749327974737313484633090497241",
                    "61865209773854207088033365335746998841",
                    "85622312806252130597541212747606045509",
                    "242061107344308146823141931199971851084",
                    "154951889956189150162155649308559968549",
                    "333074141710635353878506192750459148821",
                    "42991730476459113061517562994418791933",
                    "73407017586669018435370851976057873903",
                    "274315285384316596409966189737972590473",
                    "253837040126099377684797670937259048718",
                    "134981268559330297806103413679847795898",
                    "43848114785217618350281904280907089912",
                    "156897186441098143467104864261377628438",
                    "13762095066347915966923166648613850754",
                    "98784604065071455925477951613183686823",
                    "178210971650513841795867552392509721741",
                    "239510412079081844005262062076557384060",
                    "97459586985064186049107643206241299674",
                    "109788831402041431437678269657099952938",
                    "112837127432810834075814414088636631573",
                    "82837114165069312548998727252748101455",
                    "140684051045228495882257140720527403055",
                    "29881999773071381577645871117215415039",
                    "65327241217629519474646358662864571792",
                    "242917856516449484351546313598304823768",
                    "90002681359153429517644005190282609344",
                    "270599820833287275900354347987663515905",
                    "69249738883686318625784588559319402728",
                    "140534088899720478760109524424776359714",
                    "237440932411539319025246595566403433322",
                    "237313903587175490261517822050382511294",
                    "40458288375686759039193567450145013751",
                    "13762095066347915966923166648613850754",
                    "98784604065071455925477951613183686823",
                    "283243182047922977302967365559067510904",
                    "166649452894050414951209799627045583941",
                    "233458237148110770808869733437285346947",
                    "264140427637266464769222973233060825673",
                    "155020585740210069062249668437140249077",
                    "279660447524612550405022729842507346376",
                    "86593094957984328246734838956643369060",
                    "114562740066795314256878973389545787428",
                    "137889393503785426591652500460413235763",
                    "196522287637891272989044520842238604457",
                    "87240964693278567559417378805484388620",
                    "160829556722421556631171694962899545382",
                    "299579115608152455135066254831344267687",
                    "18395718106416549509875697073289109413",
                    "338933464859641274762573489005231306344"
                ]
            },
            "id": "CVE-2020-11085-2400b53d",
            "source": "https://github.com/freerdp/freerdp/commit/b73143cf7ee5fe4cdabcbf56908aa15d8a883821",
            "signature_type": "Line",
            "signature_version": "v1",
            "target": {
                "file": "channels/cliprdr/cliprdr_common.c"
            },
            "deprecated": false
        },
        {
            "digest": {
                "function_hash": "126903225979021343612758508297033349238",
                "length": 2709.0
            },
            "id": "CVE-2020-11085-3c487e8d",
            "source": "https://github.com/freerdp/freerdp/commit/b73143cf7ee5fe4cdabcbf56908aa15d8a883821",
            "signature_type": "Function",
            "signature_version": "v1",
            "target": {
                "file": "channels/cliprdr/cliprdr_common.c",
                "function": "cliprdr_read_format_list"
            },
            "deprecated": false
        },
        {
            "digest": {
                "function_hash": "286899962749782026485367568772545424260",
                "length": 252.0
            },
            "id": "CVE-2020-11085-53068257",
            "source": "https://github.com/freerdp/freerdp/commit/b73143cf7ee5fe4cdabcbf56908aa15d8a883821",
            "signature_type": "Function",
            "signature_version": "v1",
            "target": {
                "file": "channels/cliprdr/cliprdr_common.c",
                "function": "cliprdr_free_format_list"
            },
            "deprecated": false
        }
    ]
}