In FreeRDP before version 2.1.2, an out of bounds read occurs resulting in accessing a memory location that is outside of the boundaries of the static array PRIMARYDRAWINGORDERFIELDBYTES. This is fixed in version 2.1.2.
{ "vanir_signatures": [ { "digest": { "function_hash": "57488475844778396462460790092864555790", "length": 237.0 }, "id": "CVE-2020-11097-212ea6e0", "source": "https://github.com/freerdp/freerdp/commit/58a3122250d54de3a944c487776bcd4d1da4721e", "signature_type": "Function", "signature_version": "v1", "target": { "file": "winpr/libwinpr/sspi/NTLM/ntlm_av_pairs.c", "function": "ntlm_av_pair_add_copy" }, "deprecated": false }, { "digest": { "threshold": 0.9, "line_hashes": [ "281199093337488200191958111791756366853", "86361152385755966826729106938199490232", "301258790964740342752047417413381409325", "64871899050614241632329072053632383438", "171629921269689412698261980165533363166", "280985466425593815851120201738318197848", "215031949970783615435428995198206216453", "286438992864848406489036145044154905334", "113752148089474114952837197080630701144", "261104035268028934009696214851412871679", "98989221216521820866967581278618381482", "337742880902647651629047093659632208933", "3334756412236517589181867201979733455", "103245678047144842394138995286077424134", "5166378531987869140672072634351512732", "249200620952908277699102100906082171268", "115587606294612258886551207392690826315", "36484635899830625272804187925422326882", "188107224532099152941644997882149622203", "180995325117604890745894139970635283717", "436036971502398700086804216155473821", "13529482424500140519531356944398575912", "136417555553341533743111632568764786077", "239445366359930780630590472806495990522", "132711345408900996857392493114575091850", "295114563189248967616603163122388961511", "242173724222210736403411708683860662329", "330855163572209597226193036534035120791", "91374909195604381407826664147616620024", "96083745236847862914030290942849033056", "22209690621860503893893589792044144381", "57244532241024405700955981970156616836", "57101202039700414667920455083041397523", "313012558092589049358220648949321429457", "245617393233253849284754177811591500060", "69418438796879696461326147429630176135", "150329480413620240615249325058868698542", "115366925041650720317956991863994919354", "271022599464925284833260632313878238678", "313539118943810949408059871957705625692", "337682998172270753137155573263664761500", "136403229665872719211530308254949039834", "192915648604426182295163500785957816589", "71241307273316452603812038843946428292", "6774316596784631972329756482198279032", "107836011117986293807400463457708225656", "55819068125011700510501495665340032292", "201806937536850179500748766512066582561", "61340727451805348634457892027747916553", "206448064473308206000361481115046595942", "253106058364440878946468316007062645472", "149556273958818351783449250945774504637", "163346887054405021868980364527044038797", "281859025270304923139001026590981219081", "111023201722658384554392286046801719828", "208043048851928609541199680414385351849", "194314692853375298167416266599964257412", "330855163572209597226193036534035120791", "133343078431817319198405452851395702822", "92051402708876702855213372929775476882", "20262677845246949811982578871421752273", "30294040465972978337665516207326600302", "100596151595386892808686808876444322873", "218380447903229931902041113406121401348", "79432236620937571761573377056172891904", "5833464350851945518932825287130234697", "165406605710286884109355416855268162045", "316748516904409782601425098032849292255", "325598333547243503755203230585074483313", "232014736034377139483828393234310555034", "47297651524244483785701207195065630951", "125950940752756859446411444416177807277", "66067983669307139571201381189351074732", "262687917827257726382326812727132182398", "151264887144978549018035186497608873800", "245158052017045770391939370792141102474", "202701610286915524349915576408099196539", "290948123518871606490567816206993941126", "212931074934022063009393948878372429454", "42619806236160354111725301116625869093", "15983919559890403491364002881865209377", "28762489451009499044273910584057284010", "197281290636470483770762266484523134261", "151802289544448969219420074066886837252", "274621551085559560253152700213456124964", "98894975566764290785317935575630181502", "253891738001197617345319286635477158345", "10275772404493237892076057494046037714", "323593557470075104773257748948920174739", "286218120647365853809383241850110654331", "271616553223947234689370643273736070232", "204959245956919500000557698352923497727", "79178136270752290869437934709439845435", "35763561069686551401812316540218716048", "155407727302030891086310250795867591593", "6566944372441949601433236734745800993", "216718548087427806829336023945031982278", "264280864178669558664264134680070434906", "24769221346687678975047931475780768468" ] }, "id": "CVE-2020-11097-272bcffb", "source": "https://github.com/freerdp/freerdp/commit/58a3122250d54de3a944c487776bcd4d1da4721e", "signature_type": "Line", "signature_version": "v1", "target": { "file": "winpr/libwinpr/sspi/NTLM/ntlm_av_pairs.c" }, "deprecated": false }, { "digest": { "function_hash": "175833565996496883529938700350850501450", "length": 110.0 }, "id": "CVE-2020-11097-2f586647", "source": "https://github.com/freerdp/freerdp/commit/58a3122250d54de3a944c487776bcd4d1da4721e", "signature_type": "Function", "signature_version": "v1", "target": { "file": "winpr/libwinpr/sspi/NTLM/ntlm_av_pairs.c", "function": "ntlm_av_pair_get_id" }, "deprecated": false }, { "digest": { "function_hash": "108927781308684179934043214772713380729", "length": 2948.0 }, "id": "CVE-2020-11097-30d7ee78", "source": "https://github.com/freerdp/freerdp/commit/58a3122250d54de3a944c487776bcd4d1da4721e", "signature_type": "Function", "signature_version": "v1", "target": { "file": "winpr/libwinpr/sspi/NTLM/ntlm_av_pairs.c", "function": "ntlm_construct_authenticate_target_info" }, "deprecated": false }, { "digest": { "function_hash": "209799115003739236552117946340401257257", "length": 152.0 }, "id": "CVE-2020-11097-57e5e340", "source": "https://github.com/freerdp/freerdp/commit/58a3122250d54de3a944c487776bcd4d1da4721e", "signature_type": "Function", "signature_version": "v1", "target": { "file": "winpr/libwinpr/sspi/NTLM/ntlm_av_pairs.c", "function": "ntlm_av_pair_check" }, "deprecated": false }, { "digest": { "function_hash": "90441895559154137032814721709891955161", "length": 245.0 }, "id": "CVE-2020-11097-79a17c93", "source": "https://github.com/freerdp/freerdp/commit/58a3122250d54de3a944c487776bcd4d1da4721e", "signature_type": "Function", "signature_version": "v1", "target": { "file": "winpr/libwinpr/sspi/NTLM/ntlm_av_pairs.c", "function": "ntlm_av_pair_next" }, "deprecated": false }, { "digest": { "function_hash": "215958110980277934940452342873429714093", "length": 90.0 }, "id": "CVE-2020-11097-8ea28a20", "source": "https://github.com/freerdp/freerdp/commit/58a3122250d54de3a944c487776bcd4d1da4721e", "signature_type": "Function", "signature_version": "v1", "target": { "file": "winpr/libwinpr/sspi/NTLM/ntlm_av_pairs.c", "function": "ntlm_av_pair_get_next_offset" }, "deprecated": false }, { "digest": { "function_hash": "175833565996496883529938700350850501450", "length": 110.0 }, "id": "CVE-2020-11097-ad3e0a61", "source": "https://github.com/freerdp/freerdp/commit/58a3122250d54de3a944c487776bcd4d1da4721e", "signature_type": "Function", "signature_version": "v1", "target": { "file": "winpr/libwinpr/sspi/NTLM/ntlm_av_pairs.c", "function": "ntlm_av_pair_get_len" }, "deprecated": false }, { "digest": { "function_hash": "292406813035899045056174170143961825560", "length": 392.0 }, "id": "CVE-2020-11097-dbb633d7", "source": "https://github.com/freerdp/freerdp/commit/58a3122250d54de3a944c487776bcd4d1da4721e", "signature_type": "Function", "signature_version": "v1", "target": { "file": "winpr/libwinpr/sspi/NTLM/ntlm_av_pairs.c", "function": "ntlm_av_pair_get" }, "deprecated": false }, { "digest": { "function_hash": "227746966553372040698528109906061538220", "length": 461.0 }, "id": "CVE-2020-11097-fd509f40", "source": "https://github.com/freerdp/freerdp/commit/58a3122250d54de3a944c487776bcd4d1da4721e", "signature_type": "Function", "signature_version": "v1", "target": { "file": "winpr/libwinpr/sspi/NTLM/ntlm_av_pairs.c", "function": "ntlm_print_av_pair_list" }, "deprecated": false } ] }