In FreeRDP before version 2.1.2, there is an integer casting vulnerability in updaterecvsecondary_order. All clients with +glyph-cache /relax-order-checks are affected. This is fixed in version 2.1.2.
{ "vanir_signatures": [ { "digest": { "threshold": 0.9, "line_hashes": [ "211889767179519173455068629310267974284", "334927881132409541979265657637039224257", "125691199281154487069690645935125695952", "77532769544972190200999251155990726791", "67029106465826423111109996019476956999", "313269914942080972671094399161922550887", "277544835550004491785070392949723264825", "101102201726170294312828920890868128373", "336166737119220773218571225468425473610" ] }, "id": "CVE-2020-4032-1344be3a", "source": "https://github.com/freerdp/freerdp/commit/e7bffa64ef5ed70bac94f823e2b95262642f5296", "signature_version": "v1", "signature_type": "Line", "target": { "file": "libfreerdp/core/orders.c" }, "deprecated": false }, { "digest": { "function_hash": "196418727696739161854493157417758626567", "length": 3193.0 }, "id": "CVE-2020-4032-aeadc66e", "source": "https://github.com/freerdp/freerdp/commit/e7bffa64ef5ed70bac94f823e2b95262642f5296", "signature_version": "v1", "signature_type": "Function", "target": { "file": "libfreerdp/core/orders.c", "function": "update_recv_secondary_order" }, "deprecated": false } ] }