CVE-2020-1319: A remote code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory. An attacker who successfully exploited…

high7.8CVSS 3.1

AVLACLPRNUIRSUCHIHAH

A remote code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Exploitation of the vulnerability requires that a program process a specially crafted image file. The update addresses the vulnerability by correcting how Microsoft Windows Codecs Library handles objects in memory.

Affected

37 ranges· showing 25

Vendor	Product	Version range	Fixed in
microsoft	windows_10	—	—
microsoft	windows_10	—	—
microsoft	windows_10	—	—
microsoft	windows_10	—	—
microsoft	windows_10	—	—
microsoft	windows_10	—	—
microsoft	windows_10	—	—
microsoft	windows_10_version_1507	—	—
microsoft	windows_10_version_1607	—	—
microsoft	windows_10_version_1709	—	—
microsoft	windows_10_version_1709_for_32-bit_systems	—	—
microsoft	windows_10_version_1803	—	—
microsoft	windows_10_version_1809	—	—
microsoft	windows_10_version_1903_for_32-bit_systems	—	—
microsoft	windows_10_version_1903_for_arm64-based_systems	—	—
microsoft	windows_10_version_1903_for_x64-based_systems	—	—
microsoft	windows_10_version_1909	—	—
microsoft	windows_10_version_2004	—	—
microsoft	windows_server_2016	—	—
microsoft	windows_server_2016	—	—
microsoft	windows_server_2016	—	—
microsoft	windows_server_2016	—	—
microsoft	windows_server_2019	—	—
microsoft	windows_server_version_2004	—	—
msrc	windows_10	—	—