VIR Vulnerability Intelligence Relay

CVE-2020-11523

critical
Published — · Modified —
CVSS v3
CVSS v2
VIR risk
9.5

Description

libfreerdp/gdi/region.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Integer Overflow.

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2020-11523

OS impact
OSVersionStatusFixed in
arch archfixed2:2.0.0-1
debian debianbookwormfixed2.1.1+dfsg1-1
debian debianbullseyefixed2.1.1+dfsg1-1

References

Verify integrity in audit chain (admin only). AS-IS.