In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlmreadNegotiateMessage. This has been fixed in 2.1.0.
{ "vanir_signatures": [ { "source": "https://github.com/freerdp/freerdp/commit/8fa38359634a9910b91719818ab02f23c320dbae", "signature_type": "Function", "target": { "file": "winpr/libwinpr/sspi/NTLM/ntlm_message.c", "function": "ntlm_read_NegotiateMessage" }, "id": "CVE-2020-11088-bb5484fe", "digest": { "function_hash": "294044559389867611587402381678689972794", "length": 2022.0 }, "deprecated": false, "signature_version": "v1" } ] }