In FreeRDP before version 2.1.2, there is an out-of-bounds read in license_read_new_or_upgrade_license_packet. A manipulated license packet can lead to out-of-bounds reads of an internal buffer. This is fixed in version 2.1.2.
{ "vanir_signatures": [ { "source": "https://github.com/freerdp/freerdp/commit/6ade7b4cbfd71c54b3d724e8f2d6ac76a58e879a", "signature_version": "v1", "signature_type": "Line", "id": "CVE-2020-11099-32a9881b", "target": { "file": "libfreerdp/core/license.c" }, "digest": { "line_hashes": [ "281898718017460842865274888192424252485", "83058414834778746533741131352962854180", "241823807449695300903551662545204628159", "104563044135382114892485080153802132894", "278816154913480145921262192622640017090", "26480789416045994852112671328764416839", "269870899946188939866216373041037959054", "201285351122475363004377485740462230578", "267637594190386831000553751936310271035", "219439559284708563842826948195042537542", "192134607697367529546078387553987608389", "326301040129011736875141829600202056014" ], "threshold": 0.9 }, "deprecated": false }, { "source": "https://github.com/freerdp/freerdp/commit/6ade7b4cbfd71c54b3d724e8f2d6ac76a58e879a", "signature_version": "v1", "signature_type": "Function", "id": "CVE-2020-11099-32c5cffe", "target": { "file": "libfreerdp/core/license.c", "function": "license_read_new_or_upgrade_license_packet" }, "digest": { "function_hash": "260292141331458710674748352587146545953", "length": 1942.0 }, "deprecated": false } ] }