7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:N/A:P
0.004 Low
EPSS
Percentile
70.9%
2.1.2-alt1 built June 25, 2020 Andrey Cherepanov in task #253866
June 23, 2020 Andrey Cherepanov
- New version.
- Fixes:
+ CVE-2020-4033 Out of bound read in RLEDECOMPRESS
+ CVE-2020-4031 Use-After-Free in gdi_SelectObject
+ CVE-2020-4032 Integer casting vulnerability in `update_recv_secondary_order`
+ CVE-2020-4030 OOB read in `TrioParse`
+ CVE-2020-11099 OOB Read in license_read_new_or_upgrade_license_packet
+ CVE-2020-11098 Out-of-bound read in glyph_cache_put
+ CVE-2020-11097 OOB read in ntlm_av_pair_get
+ CVE-2020-11095 Global OOB read in update_recv_primary_order
+ CVE-2020-11096 Global OOB read in update_read_cache_bitmap_v3_order
+ Gateway RPC fixes for windows
+ Fixed resource fee race resulting in double free in USB redirection
+ Fixed wayland client crashes
+ Fixed X11 client mouse mapping issues (X11 mapping on/off)
+ Some proxy related improvements (capture module)
+ Code cleanup (use getlogin_r, ...)
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:N/A:P
0.004 Low
EPSS
Percentile
70.9%