PT-2020-3793 · Microsoft · Windows Media Foundation+1

Published

2020-08-11

Updated

2024-01-19

CVE-2020-1492

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Windows Media Foundation (affected versions not specified)

Description: The issue is caused by a memory corruption vulnerability in Windows Media Foundation, allowing an attacker to potentially install programs, view, change, or delete data, or create new accounts with full user rights. This can be achieved by convincing a user to open a specially crafted document or visit a malicious webpage. The vulnerability exists due to improper handling of objects in memory.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Buffer Overflow

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119CWE-787

Related Identifiers

BDU:2020-04155

CVE-2020-1492

ZDI-20-1004

Affected Products

Windows

Windows Media Foundation

PT-2020-3793 · Microsoft · Windows Media Foundation+1

CVE-2020-1492

Weakness Enumeration

Related Identifiers

Affected Products

References · 9