CVE-2020-11085

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2020-11085
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-11085.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2020-11085
Downstream
Related
Published
2020-05-29T20:15:10Z
Modified
2025-10-21T05:20:36.060152Z
Severity
  • 3.5 (Low) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L CVSS Calculator
Summary
[none]
Details

In FreeRDP before 2.1.0, there is an out-of-bounds read in cliprdrreadformat_list. Clipboard format data read (by client or server) might read data out-of-bounds. This has been fixed in 2.1.0.

References

Affected packages

Git / github.com/freerdp/freerdp

Affected ranges

Type
GIT
Repo
https://github.com/freerdp/freerdp
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
b73143cf7ee5fe4cdabcbf56908aa15d8a883821

Affected versions

1.*

1.0-beta1
1.0-beta2
1.0-beta3
1.0-beta4
1.0-beta5
1.0.0
1.0.1
1.1.0-beta+2013071101
1.1.0-beta1
1.1.0-beta1+android2
1.1.0-beta1+android3
1.1.0-beta1+android4
1.1.0-beta1+android5
1.1.0-beta1+ios1
1.1.0-beta1+ios2
1.1.0-beta1+ios3
1.1.0-beta1+ios4
1.2.0-beta1+android7
1.2.0-beta1+android9

2.*

2.0.0
2.0.0-beta1+android10
2.0.0-beta1+android11
2.0.0-rc0
2.0.0-rc1
2.0.0-rc2
2.0.0-rc3
2.0.0-rc4

Database specific

vanir_signatures

[
    {
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "71316678263115778470361329507058901950",
                "63540122468191937103107350026873264224",
                "311802106057008330910831195565484748179",
                "88442219528543279340249984410341899042",
                "236818773394248061081604530974740996276",
                "188729803353912925768022284096116154610",
                "293512685827824235715399093202038882692",
                "303579114188168452838756809606480706429",
                "179242171078527379441438291443595260482",
                "302037644450793362830990252107106706781",
                "146437598717710508212057032060629376952",
                "235305518902367730881752776020597392161",
                "50943607780670792684217141734050961231",
                "123992897057392158834041219569317059238",
                "40090623701415119895798417467188135203",
                "286002698754695699978868173551371204746",
                "302052338601759565961793481301062284411",
                "277093999041538559639943319074156391720",
                "277141907495603272338991899375378398784",
                "142681840246704475630993268288687255286",
                "80882954800859107975839822879316711483",
                "242917856516449484351546313598304823768",
                "90002681359153429517644005190282609344",
                "270599820833287275900354347987663515905",
                "69249738883686318625784588559319402728",
                "140534088899720478760109524424776359714",
                "6724464783301728266773941107946349830",
                "68012983517036978521471149854357420895",
                "190881312875784621904566973360819377987",
                "290661054656205251552765610330640869365",
                "236773350137408637406022177098079034092",
                "161914990398887684308944318483944182596",
                "28094127606236728584947771229130378881",
                "261208175590299138782560971748175296319",
                "198022217380900924977634518515279232974",
                "143363212442148630519679484952946530092",
                "1862429887198272228960351469094143062",
                "320513254749327974737313484633090497241",
                "61865209773854207088033365335746998841",
                "85622312806252130597541212747606045509",
                "242061107344308146823141931199971851084",
                "154951889956189150162155649308559968549",
                "333074141710635353878506192750459148821",
                "42991730476459113061517562994418791933",
                "73407017586669018435370851976057873903",
                "274315285384316596409966189737972590473",
                "253837040126099377684797670937259048718",
                "134981268559330297806103413679847795898",
                "43848114785217618350281904280907089912",
                "156897186441098143467104864261377628438",
                "13762095066347915966923166648613850754",
                "98784604065071455925477951613183686823",
                "178210971650513841795867552392509721741",
                "239510412079081844005262062076557384060",
                "97459586985064186049107643206241299674",
                "109788831402041431437678269657099952938",
                "112837127432810834075814414088636631573",
                "82837114165069312548998727252748101455",
                "140684051045228495882257140720527403055",
                "29881999773071381577645871117215415039",
                "65327241217629519474646358662864571792",
                "242917856516449484351546313598304823768",
                "90002681359153429517644005190282609344",
                "270599820833287275900354347987663515905",
                "69249738883686318625784588559319402728",
                "140534088899720478760109524424776359714",
                "237440932411539319025246595566403433322",
                "237313903587175490261517822050382511294",
                "40458288375686759039193567450145013751",
                "13762095066347915966923166648613850754",
                "98784604065071455925477951613183686823",
                "283243182047922977302967365559067510904",
                "166649452894050414951209799627045583941",
                "233458237148110770808869733437285346947",
                "264140427637266464769222973233060825673",
                "155020585740210069062249668437140249077",
                "279660447524612550405022729842507346376",
                "86593094957984328246734838956643369060",
                "114562740066795314256878973389545787428",
                "137889393503785426591652500460413235763",
                "196522287637891272989044520842238604457",
                "87240964693278567559417378805484388620",
                "160829556722421556631171694962899545382",
                "299579115608152455135066254831344267687",
                "18395718106416549509875697073289109413",
                "338933464859641274762573489005231306344"
            ]
        },
        "target": {
            "file": "channels/cliprdr/cliprdr_common.c"
        },
        "signature_version": "v1",
        "id": "CVE-2020-11085-2400b53d",
        "deprecated": false,
        "source": "https://github.com/freerdp/freerdp/commit/b73143cf7ee5fe4cdabcbf56908aa15d8a883821"
    },
    {
        "signature_type": "Function",
        "digest": {
            "function_hash": "126903225979021343612758508297033349238",
            "length": 2709.0
        },
        "target": {
            "file": "channels/cliprdr/cliprdr_common.c",
            "function": "cliprdr_read_format_list"
        },
        "signature_version": "v1",
        "id": "CVE-2020-11085-3c487e8d",
        "deprecated": false,
        "source": "https://github.com/freerdp/freerdp/commit/b73143cf7ee5fe4cdabcbf56908aa15d8a883821"
    },
    {
        "signature_type": "Function",
        "digest": {
            "function_hash": "286899962749782026485367568772545424260",
            "length": 252.0
        },
        "target": {
            "file": "channels/cliprdr/cliprdr_common.c",
            "function": "cliprdr_free_format_list"
        },
        "signature_version": "v1",
        "id": "CVE-2020-11085-53068257",
        "deprecated": false,
        "source": "https://github.com/freerdp/freerdp/commit/b73143cf7ee5fe4cdabcbf56908aa15d8a883821"
    }
]