CVE-2020-0820
published 2020-03-12CVE-2020-0820: An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory, aka 'Media Foundation Information Disclosure…
medium5.5CVSS 3.1
AVLACLPRLUINSUCHINAN
An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory, aka 'Media Foundation Information Disclosure Vulnerability'.
Affected
45 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10_version_1903_for_32-bit_systems | — | — |
| microsoft | windows_10_version_1903_for_arm64-based_systems | — | — |
| microsoft | windows_10_version_1903_for_x64-based_systems | — | — |
| microsoft | windows_10_version_1909_for_32-bit_systems | — | — |
| microsoft | windows_10_version_1909_for_arm64-based_systems | — | — |
| microsoft | windows_10_version_1909_for_x64-based_systems | — | — |
GHSA
GHSA-4hc5-44q4-8h74: An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory, aka 'Media Foundation Information Disclosur
ghsa_unreviewed·2022-05-24
CVE-2020-0820 [LOW] CWE-200 GHSA-4hc5-44q4-8h74: An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory, aka 'Media Foundation Information Disclosur
An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory, aka 'Media Foundation Information Disclosure Vulnerability'.
Microsoft
Media Foundation Information Disclosure Vulnerability
vendor_msrc·2020-03-10·CVSS 5.5
CVE-2020-0820 [MEDIUM] Media Foundation Information Disclosure Vulnerability
Media Foundation Information Disclosure Vulnerability
Description: An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.
To exploit this vulnerability, an attacker would have to log onto an affected system and open a specially crafted file. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerability. However, an attacker would have no way to force the user to visit the website. Instead, an attacker would have to convince the user to click a link, t
No detection rules found.
No public exploits indexed.
Talos
Microsoft Patch Tuesday — March 2020: Vulnerability disclosures and Snort coverage
blogs_talos·2020-03-10·CVSS 8.8
CVE-2020-0796 [HIGH] Microsoft Patch Tuesday — March 2020: Vulnerability disclosures and Snort coverage
By Jon Munshaw and Vitor Ventura.
Update (March 12, 2020): Microsoft released an out-of-band patch for CVE-2020-0796, a code execution vulnerability SMB client and server for Windows. An unauthenticated attacker could exploit this vulnerability to execute remote code. Snort rules 53425 - 53428 protect against exploitation of CVE-2020-0796.
Microsoft released its monthly security update today, disclosing vulnerabilities across many of its products and releasing corresponding updates. This month's Patch Tuesday covers 117 vulnerabilities, 25 of which are considered critical. There is also one moderate vulnerability and 91 that are considered important.
This month's patches include updates to Microsoft Media Foundation, the GDI+ API and Windows Defender, among others.
Talos released a new
Talos
Microsoft Patch Tuesday — March 2020: Vulnerability disclosures and Snort coverage
blogs_talos·2020-03-10·CVSS 8.8
CVE-2020-0796 [HIGH] Microsoft Patch Tuesday — March 2020: Vulnerability disclosures and Snort coverage
## Microsoft Patch Tuesday — March 2020: Vulnerability disclosures and Snort coverage
By Jon Munshaw and Vitor Ventura.
Update (March 12, 2020): Microsoft released an out-of-band patch for CVE-2020-0796, a code execution vulnerability SMB client and server for Windows. An unauthenticated attacker could exploit this vulnerability to execute remote code. Snort rules 53425 - 53428 protect against exploitation of CVE-2020-0796.
Microsoft released its monthly security update today, disclosing vulnerabilities across many of its products and releasing corresponding updates. This month's Patch Tuesday covers 117 vulnerabilities, 25 of which are considered critical. There is also one moderate vulnerability and 91 that are considered important.
This month's patches include updates to Microsoft M
2020-03-12
Published