CVE-2020-16914

Name of the Vulnerable Software and Affected Versions: Windows Graphics Device Interface Plus (GDI+) (affected versions not specified)

Description: An information disclosure issue exists in the way GDI+ handles objects in memory, allowing an attacker to retrieve information from a targeted system. This issue does not allow arbitrary code execution on its own but could enable it if combined with another vulnerability. To exploit this, an attacker must log on to the system and run a specially crafted application.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.