CVE-2020-1028 — Out-of-bounds Write in Microsoft Windows
Severity
7.8HIGHNVD
EPSS
13.8%
top 5.70%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedMay 21
Latest updateMay 24
Description
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-1126, CVE-2020-1136, CVE-2020-1150.
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9
Affected Packages10 packages
Patches
🔴Vulnerability Details
2GHSA▶
GHSA-99rx-2f4j-q27g: A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption V↗2022-05-24
CVEList▶
CVE-2020-1028: A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption V↗2020-05-21
📋Vendor Advisories
1💬Community
1Bugzilla▶
CVE-2020-10870 zim: predictable temporary directory names allows users to cause denial of service↗2020-05-04