PT-2020-3710 · Microsoft · Windows Media Foundation+1

Published

2020-08-11

Updated

2024-01-19

CVE-2020-1478

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Windows Media Foundation (affected versions not specified)

Description: The issue is caused by a memory corruption vulnerability in Windows Media Foundation, which occurs when it improperly handles objects in memory. This can be exploited by an attacker to gain privileges, allowing them to install programs, view, change, or delete data, or create new accounts with full user rights. An attacker could exploit this vulnerability by convincing a user to open a specially crafted document or visit a malicious webpage.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Buffer Overflow

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119CWE-787

Related Identifiers

BDU:2020-04066

CVE-2020-1478

Affected Products

Windows

Windows Media Foundation

PT-2020-3710 · Microsoft · Windows Media Foundation+1

CVE-2020-1478

Weakness Enumeration

Related Identifiers

Affected Products

References · 7