CVE-2020-1020

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Microsoft Windows (affected versions not specified)

Description A remote code execution issue exists in Microsoft Windows due to the improper handling of a specially-crafted multi-master font in the Adobe Type 1 PostScript format by the Windows Adobe Type Manager Library. This could allow an attacker to execute code remotely. The vulnerability affects all systems except Windows 10, where an attacker could execute code remotely if the vulnerability is successfully exploited.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

RCE

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787CWE-20

Related Identifiers

BDU:2020-02225

CVE-2020-1020

Affected Products

Type Manager Library

Windows

CVE-2020-1020

Weakness Enumeration

Related Identifiers

Affected Products

References · 23