CVE-2020-4031

Summary

In FreeRDP before version 2.1.2, there is a use-after-free in gdi_SelectObject. All FreeRDP clients using compatibility mode with /relax-order-checks are affected. This is fixed in version 2.1.2.

Affected Software

VendorProductVersion RangeStatus
FreeRDPFreeRDP< 2.1.2affected

Weaknesses

  • CWE-416: CWE-416: Use After Free

ADP Enrichment

CVE Program Container

Additional References

References