CVE-2020-11039

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2020-11039
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-11039.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2020-11039
Downstream
Related
Published
2020-05-29T19:15:10.390Z
Modified
2026-02-24T11:33:46.657066Z
Severity
  • 6.8 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:L CVSS Calculator
Summary
[none]
Details

In FreeRDP less than or equal to 2.0.0, when using a manipulated server with USB redirection enabled (nearly) arbitrary memory can be read and written due to integer overflows in length checks. This has been patched in 2.1.0.

References

Affected packages

Git / gitlab.gnome.org/GNOME/libxml2

Affected ranges

Type
GIT
Repo
https://gitlab.gnome.org/GNOME/libxml2
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
c230410eadbada15092c04f92d01068af8a19f8d

Affected versions

Other
EAZEL-NAUTILUS-MS-AUG07
FOR_GNOME_0_99_1
GNOME_0_30
GNUMERIC_FIRST_PUBLIC_RELEASE
LIBXML_0_99
LIBXML_1_5_0
LIBXML_1_8_5
LIBXML_1_8_6
LIBXML_2_0_0
LIBXML_TEST_2_0_0
LIB_XML_1_1
LIB_XML_1_3
LIB_XML_1_4
LIB_XML_1_6_1
LIB_XML_1_6_2
LIB_XML_1_7_0
LIB_XML_1_7_1
LIB_XML_1_7_3
LIB_XML_1_8_3
LIB_XML_1_X

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-11039.json"
vanir_signatures 
[
    {
        "id": "CVE-2020-11039-4fa8ca34",
        "signature_version": "v1",
        "target": {
            "file": "example/gjobread.c",
            "function": "main"
        },
        "digest": {
            "function_hash": "217067580253948699484829138099054328869",
            "length": 289.0
        },
        "signature_type": "Function",
        "source": "https://gitlab.gnome.org/GNOME/libxml2@c230410eadbada15092c04f92d01068af8a19f8d",
        "deprecated": false
    },
    {
        "id": "CVE-2020-11039-eabbf092",
        "signature_version": "v1",
        "target": {
            "file": "example/gjobread.c"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "287042595298680527861991348108261089809",
                "169182630361917727940441134910200921263",
                "198842561615446092675493735186734618685"
            ]
        },
        "signature_type": "Line",
        "source": "https://gitlab.gnome.org/GNOME/libxml2@c230410eadbada15092c04f92d01068af8a19f8d",
        "deprecated": false
    }
]