DEBIAN-CVE-2020-11039

DEBIAN-CVE-2020-11039 PUBLISHED CVSS 6.800000190734863 MEDIUM

In FreeRDP less than or equal to 2.0.0, when using a manipulated server with USB redirection enabled (nearly) arbitrary memory can be read and written due to integer overflows in length checks. This has been patched in 2.1.0.

Risk Scores

CVSS v3.1

6.800000190734863

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:L

Affected Products

Vendor	Product	Versions
Debian:12	freerdp2	0, 0, 0
Debian:11	freerdp2	0, 0, 0

Timeline

May 29, 2020 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2020-11039 advisory

Open in Interactive Console →