CVE-2020-11522

Name
CVE-2020-11522
Description
libfreerdp/gdi/gdi.c in FreeRDP > 1.0 through 2.0.0-rc4 has an Out-of-bounds Read.
NVD Severity
medium
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type                  URI
Patch                 https://github.com/FreeRDP/FreeRDP/commits/master
Patch                 https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-48wx-7vgj-fffh
Exploit               https://pub.freerdp.com/cve/CVE-2020-11522/pocAnalysis_5.pdf
Third Party Advisory  https://usn.ubuntu.com/4379-1/
Third Party Advisory  https://usn.ubuntu.com/4382-1/
Third Party Advisory  http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html
MLIST                 https://lists.debian.org/debian-lts-announce/2020/08/msg00054.html

Match rules

CPE URI                                        Source package  Min version  Max version
cpe:2.3:a:freerdp:freerdp:*:*:*:*:*:*:*:*      freerdp         > 1.0.0      < 2.0.0
cpe:2.3:a:freerdp:freerdp:2.0.0:-:*:*:*:*:*:*  freerdp         == None      == 2.0.0

Vulnerable and fixed packages

Source package Branch Version Maintainer Status