PT-2020-3173 · Microsoft · Windows Graphics+1

Fluorescence

Published

2020-07-14

Updated

2021-07-21

CVE-2020-1382

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Windows Graphics Component (affected versions not specified)

Description The issue is related to an elevation of privilege vulnerability that exists due to the improper handling of objects in memory by the Windows Graphics Component. This can be exploited by an attacker to elevate their privileges, potentially using a specially crafted application. The vulnerability may be related to insufficient input validation.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

LPE

Buffer Overflow

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119CWE-416

Related Identifiers

BDU:2020-03471

CVE-2020-1382

ZDI-20-873

Affected Products

Windows

Windows Graphics

PT-2020-3173 · Microsoft · Windows Graphics+1

CVE-2020-1382

Weakness Enumeration

Related Identifiers

Affected Products

References · 6