Vulnerability Database
Blog
FAQ
Docs
arrow_forward
search
CVE-2020-11523
See a problem?
Please try reporting it
to the source
first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2020-11523
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-11523.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2020-11523
Downstream
DEBIAN-CVE-2020-11523
DLA-2356-1
OESA-2021-1008
OESA-2021-1085
RHSA-2020:2334
RHSA-2020:2335
RHSA-2020:2336
RHSA-2020:2354
SUSE-SU-2020:2032-1
SUSE-SU-2020:2068-1
SUSE-SU-2020:2272-1
UBUNTU-CVE-2020-11523
USN-4379-1
USN-4382-1
USN-4382-2
openSUSE-SU-2020:1090-1
openSUSE-SU-2024:10768-1
Related
GHSA-4qrh-8cp8-4x42
MGASA-2020-0297
SUSE-SU-2020:2032-1
SUSE-SU-2020:2068-1
SUSE-SU-2020:2272-1
openSUSE-SU-2020:1090-1
openSUSE-SU-2024:10768-1
Published
2020-05-15T17:15:11Z
Modified
2025-09-19T11:36:39.281758Z
Severity
6.6 (Medium)
CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
CVSS Calculator
Summary
[none]
Details
libfreerdp/gdi/region.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Integer Overflow.
References
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html
https://github.com/FreeRDP/FreeRDP/commits/master
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-4qrh-8cp8-4x42
https://lists.debian.org/debian-lts-announce/2020/08/msg00054.html
https://pub.freerdp.com/cve/CVE-2020-11523/pocAnalysis_2.pdf
https://usn.ubuntu.com/4379-1/
https://usn.ubuntu.com/4382-1/
Affected packages
Git
/
github.com/freerdp/freerdp
Affected ranges
Type
GIT
Repo
https://github.com/freerdp/freerdp
Events
Introduced
0
Unknown introduced commit / All previous commits are affected
Fixed
5ab2bed8749747b8e4b2ed431fd102bc726be684
Affected versions
1.*
1.0-beta1
1.0-beta2
1.0-beta3
1.0-beta4
1.0-beta5
1.0.0
1.0.1
1.1.0-beta+2013071101
1.1.0-beta1
1.1.0-beta1+android2
1.1.0-beta1+android3
1.1.0-beta1+android4
1.1.0-beta1+android5
1.1.0-beta1+ios1
1.1.0-beta1+ios2
1.1.0-beta1+ios3
1.1.0-beta1+ios4
1.2.0-beta1+android7
1.2.0-beta1+android9
2.*
2.0.0-beta1+android10
2.0.0-beta1+android11
2.0.0-rc0
2.0.0-rc1
2.0.0-rc2
2.0.0-rc3
2.0.0-rc4
CVE-2020-11523 - OSV