In FreeRDP greater than 1.2 and before 2.0.0, a double free in update_read_cache_bitmap_v3_order crashes the client application if corrupted data from a manipulated server is parsed. This has been patched in 2.0.0.
The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Freerdp | Freerdp | * | * |