Lucene search

K
redhatcveRedhat.comRH:CVE-2020-11043
HistoryJun 17, 2020 - 2:56 p.m.

CVE-2020-11043

2020-06-1714:56:06
redhat.com
access.redhat.com
9

EPSS

0.001

Percentile

42.3%

In FreeRDP less than or equal to 2.0.0, there is an out-of-bounds read in rfx_process_message_tileset. Invalid data fed to RFX decoder results in garbage on screen (as colors). This has been patched in 2.1.0.

Mitigation

To mitigate this flaw, do not use /rfx, /gfx or /network:auto command line options in the freerdp client.