CVE-2020-11087
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2020-11087
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-11087.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2020-11087
- Downstream
- Related
- Published
- 2020-05-29T20:15:10Z
- Modified
- 2025-10-15T11:28:13.383320Z
- Severity
-
- 5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L CVSS Calculator
- Summary
- [none]
- Details
-
In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlmreadAuthenticateMessage. This has been fixed in 2.1.0.
- References
Affected packages
Git / github.com/freerdp/freerdp
Affected ranges
- Type
- GIT
- Repo
- https://github.com/freerdp/freerdp
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
1.*
1.0-beta1
1.0-beta2
1.0-beta3
1.0-beta4
1.0-beta5
1.0.0
1.0.1
1.1.0-beta+2013071101
1.1.0-beta1
1.1.0-beta1+android2
1.1.0-beta1+android3
1.1.0-beta1+android4
1.1.0-beta1+android5
1.1.0-beta1+ios1
1.1.0-beta1+ios2
1.1.0-beta1+ios3
1.1.0-beta1+ios4
1.2.0-beta1+android7
1.2.0-beta1+android9
2.*
2.0.0
2.0.0-beta1+android10
2.0.0-beta1+android11
2.0.0-rc0
2.0.0-rc1
2.0.0-rc2
2.0.0-rc3
2.0.0-rc4
Database specific
vanir_signatures
[
{
"id": "CVE-2020-11087-4d56f382",
"deprecated": false,
"digest": {
"length": 6341.0,
"function_hash": "323716930376608716647377832147244238994"
},
"source": "https://github.com/freerdp/freerdp/commit/8241ab42fdf0cc89cf69fc574bf6360c9977a0d4",
"target": {
"function": "ntlm_read_AuthenticateMessage",
"file": "winpr/libwinpr/sspi/NTLM/ntlm_message.c"
},
"signature_version": "v1",
"signature_type": "Function"
},
{
"id": "CVE-2020-11087-f908d808",
"deprecated": false,
"digest": {
"line_hashes": [
"154514318166335519574049377685409873258",
"56541073228512878616808342428086533156",
"161651536400387389871181437121023956494",
"211811431804190450677659699831454803476",
"295382713056045796778340193138038626325",
"276992700690353240360321429483627263581",
"138806139207652727465498310479651456571",
"278749379450094990387775363009510925691",
"241413464936548129503997645178197014903",
"30411643711945645815598947303704340527",
"339661838060147216225664927532669752921",
"133922056526047205639145996059903227230",
"68532566752706994136843909064010671536",
"304131632231906548921496171046306531778",
"67882167744274946674606458323381954716",
"121807398591422663603578373372885019896",
"253662455073028227159382901201324874617",
"111385606397311443666316341710094090228",
"102130564232632735527339562687623895148",
"11006258702244288486245773187479678531",
"74205178819293443848102321539429761466",
"253662455073028227159382901201324874617",
"312501569522021938152053614398069559351",
"98168397895482623504390908520550420877",
"117627523580040007016009315631784254027",
"314011867796071251342930867012647929853",
"244662915843780533572199619315750995590",
"253662455073028227159382901201324874617",
"174686487407518535509696959276533968595",
"239427991089082503098389597256809403251",
"33724994605980651017834831886549882202",
"164358783730812471173461857098172249776",
"244662915843780533572199619315750995590",
"253662455073028227159382901201324874617",
"201166722949810737187879871285367317983",
"249949584026904705042454117259771532465",
"196683094714095414160125404883075368945",
"260466164511542389587007361248825094720",
"253662455073028227159382901201324874617",
"323428085615289951860939594860197990528",
"131541879127304571214834482785127453148",
"8446251686585743229637268818340568032",
"103996748205276043571805998578244156008",
"253662455073028227159382901201324874617",
"228544139125987504589000920610065837109",
"236117061846471316865687652781394296627",
"254778563722473740048972977655769127247",
"304938498267846296685631809058007976055",
"253662455073028227159382901201324874617",
"68721091901326487661288802263901103083",
"187727687122777566716665464656245672789",
"76716247514145182233500530771454337423",
"132951234265639673915711190530189190236",
"244662915843780533572199619315750995590",
"253662455073028227159382901201324874617",
"125553016897872548207771638126188345197",
"150187513336340834753465668698033953966",
"208948704100297060610022153852978535373",
"274722474817140977116505144302812499570",
"250842374023437519868922881052830706402",
"45779165871585141370938961430733742079",
"11668046986392564375786790848727083845",
"122156914354461375210180735930759281141",
"253662455073028227159382901201324874617",
"63926046525700067898154360662491512743",
"229324638166040194753013467233623218125",
"139734374144708037125919670499225835851",
"232614083226558610815601275446320500753",
"6528800998010061828632523047093720207",
"198293103083158085166393109051800837141",
"253662455073028227159382901201324874617",
"321450999058637810535222367808907282124",
"42900884321040807565983816286398317705",
"121224227178259272233075738270673295606",
"196489480839964295787469285036203135035",
"90786100283805874210049656953796848292",
"16717625541532460009816958547667942930",
"22403996456231067067373353180918568504",
"145598177898448543383884230367024392777",
"13222721649571082529067686458067942018",
"211605321874173834158220053283370424647",
"134979684622246714513434620576927820854",
"22403996456231067067373353180918568504",
"246207011876176242020352619911965676689",
"240703831849212882616672407272991944112",
"240745115579393806267554647170182522614",
"241675326737785324093756427761370297118",
"22403996456231067067373353180918568504",
"104949350100721263125085305828183597995",
"233978408888539405578110558872926670550",
"179750850740817100481541789874758318749",
"304360824219610205673515898357785628045",
"85289164583278400144046241804581049589",
"22403996456231067067373353180918568504",
"322558151512957459299534849234313743916",
"184261764499893372990248445310371456419",
"191976415187374461648049678432978448559",
"191921137837496105374895311441883575312",
"85289164583278400144046241804581049589",
"22403996456231067067373353180918568504",
"82352513813789699389345125779190857440",
"119932755149428744155850767769393437618",
"191484239637562940985098941007368911445",
"46815914388692519416162241770889036168",
"161951019194278477929857201220550249749",
"186425153139679315952310294482846392769",
"316453102634686443952101406999990822926",
"36616512156431261482656976307408372757",
"102172305271217910653822640486853386827",
"22403996456231067067373353180918568504",
"80948364461329060192937305639493687949",
"213072126327002658363499619360350305158",
"38429710044080758485915941030506322698",
"117295542566946394961596785113956915651",
"196174300566754983061960566253389386822",
"272563553901084615855684391831694546890",
"143709003002470807945298515674467450668",
"129556815624869728747976358602876843137",
"154371492644357202537923291862393510017",
"72852919265872844141162240724849521675",
"118497478680621602106278070569346492826",
"234696324119093460368801125270654302795",
"85289164583278400144046241804581049589",
"22403996456231067067373353180918568504",
"304510621029493273474532992369478750308",
"74585422880968153809668040073975851661",
"11144158705062926999649801958073498764",
"69884830720015146667597333599505475347",
"226885259260921754369551347896931525118",
"83618653922054646947995034672438428867",
"253662455073028227159382901201324874617",
"223414785606981179076849053157060956549",
"32956767466003425107023088931155196646",
"39156160138601862363612520826126497801",
"185893991082219683248714946541531990070",
"59674959416409836500985609739051240668",
"22469809208479479408294288943005091214",
"22403996456231067067373353180918568504",
"11583215664584732026747536045610290768",
"106198836796427045018995615618927090784",
"53001384217291352936662513075794553259",
"190101201025833245442288381778414741658",
"313309393002342629773500538075404731352",
"234031056829139360422777395229473605100",
"50557167896935087143460297426701557932",
"253662455073028227159382901201324874617",
"208809639380305961018804431549322462879",
"87706621565962368399249085821525275618",
"251085397996317134810648371489196303894",
"98145398917848937212068238883182616901",
"117747777603796256591481692541516684869",
"244521677333975823892270362269904230088",
"156298833418999828687409685203336392883",
"162650266072802846803464401741298362854",
"22403996456231067067373353180918568504",
"241627117444334161744049415194429351173",
"222854894970348738675069231279978299978",
"297146069882352317858577471029366203453",
"98431425343492209492766820924004133354",
"199630960619385935638029402700823898567",
"73700629884199838290981677003813377712",
"22403996456231067067373353180918568504",
"172690674056621477251797713009409836607",
"4221347786307635465166641377379055471",
"285450915834911359032022236539347136773",
"41532746424712481815439544814212771219",
"34071731460786003810796844937636205349",
"203970205104222824289053029742670162691",
"73223257631344278879274576330480665205"
],
"threshold": 0.9
},
"source": "https://github.com/freerdp/freerdp/commit/8241ab42fdf0cc89cf69fc574bf6360c9977a0d4",
"target": {
"file": "winpr/libwinpr/sspi/NTLM/ntlm_message.c"
},
"signature_version": "v1",
"signature_type": "Line"
}
]