Your submission was sent successfully! Close

CVE-2021-37595

Published: 30 July 2021

In FreeRDP before 2.4.0 on Windows, wf_cliprdr_server_file_contents_request in client/Windows/wf_cliprdr.c has missing input checks for a FILECONTENTS_RANGE File Contents Request PDU.

Notes

AuthorNote
mdeslaur
windows-specific issue
Priority

Low

CVSS 3 base score: 9.8

Status

Package Release Status
freerdp2
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(windows-specific)
focal Not vulnerable
(windows-specific)
hirsute Not vulnerable
(windows-specific)
impish Not vulnerable
(windows-specific)
jammy Not vulnerable
(windows-specific)
trusty Does not exist

upstream Not vulnerable
(debian: Windows-specific)
xenial Ignored
(out of standard support)
Patches:
upstream: https://github.com/FreeRDP/FreeRDP/commit/0d79670a28c0ab049af08613621aa0c267f977e9