Lucene search
HistoryJun 09, 2020 - 8:15 p.m.
CVE-2020-1232
information security
vulnerability
cve-2020-1232
media foundation
nvd
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
6.7 Medium
AI Score
Confidence
High
0.116 Low
EPSS
Percentile
95.3%
An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory, aka âMedia Foundation Information Disclosure Vulnerabilityâ.
Affected configurations
Node
microsoftwindows_10_2004 for 32-bit systemsMatchunspecified
ORmicrosoftwindows_server,_version_2004Matchunspecified
ORmicrosoftwindows
ORmicrosoftwindows
ORmicrosoftwindows
ORmicrosoftwindows
ORmicrosoftwindows
ORmicrosoftwindows
ORmicrosoftwindows
ORmicrosoftwindows
ORmicrosoftwindows
ORmicrosoftwindows
ORmicrosoftwindows
ORmicrosoftwindows_server
ORmicrosoftwindows_server
ORmicrosoftwindows_server
ORmicrosoftwindows_server
ORmicrosoftwindows_server
ORmicrosoftwindows_10_1909 for 32-bit systemsMatchunspecified
ORmicrosoftwindows_10_1909 for x64-based systemsMatchunspecified
ORmicrosoftwindows_10_1909 for arm64-based systemsMatchunspecified
ORmicrosoftwindows_server,_version_1909Matchunspecified
ORmicrosoftwindows_10_1903 for 32-bit systemsMatchunspecified
ORmicrosoftwindows_10_1903 for x64-based systemsMatchunspecified
ORmicrosoftwindows_10_1903 for arm64-based systemsMatchunspecified
ORmicrosoftwindows_server,_version_1903Matchunspecified
ORmicrosoftwindows_10_2004 for arm64-based systemsMatchunspecified
ORmicrosoftwindows_10_2004 for x64-based systemsMatchunspecified
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | windows_10_2004 for 32-bit systems | unspecified | cpe:2.3:o:microsoft:windows_10_2004 for 32-bit systems:unspecified:*:*:*:*:*:*:* |
| microsoft | windows_server,_version_2004 | unspecified | cpe:2.3:o:microsoft:windows_server,_version_2004:unspecified:*:*:*:*:*:*:* |
| microsoft | windows | * | cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:* |
| microsoft | windows | * | cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:* |
| microsoft | windows | * | cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:* |
| microsoft | windows | * | cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:* |
| microsoft | windows | * | cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:* |
| microsoft | windows | * | cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:* |
| microsoft | windows | * | cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:* |
| microsoft | windows | * | cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"product": "Windows 10 Version 2004 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Windows Server, version 2004 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Windows",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "10 Version 1709 for ARM64-based Systems"
},
{
"status": "affected",
"version": "10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "10 Version 1607 for x64-based Systems"
}
]
},
{
"product": "Windows Server",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "version 1803 (Core Installation)"
},
{
"status": "affected",
"version": "2019"
},
{
"status": "affected",
"version": "2019 (Core installation)"
},
{
"status": "affected",
"version": "2016"
},
{
"status": "affected",
"version": "2016 (Core installation)"
}
]
},
{
"product": "Windows 10 Version 1909 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Windows 10 Version 1909 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Windows 10 Version 1909 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Windows Server, version 1909 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Windows Server, version 1903 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Windows 10 Version 2004 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Windows 10 Version 2004 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
]Related
prion
prion
Information disclosure
2020-06-09 20:15:00
cvelist
cvelist
CVE-2020-1232
2020-06-09 19:43:33
mscve
mscve
Media Foundation Information Disclosure Vulnerability
2020-06-09 07:00:00
nvd
nvd
CVE-2020-1232
2020-06-09 20:15:15
zdi
zdi
mskb
mskb
June 9, 2020âKB4561616 (OS Build 14393.3750)
2020-06-09 07:00:00
June 9, 2020âKB4561602 (OS Build 16299.1932)
2020-06-09 07:00:00
June 9, 2020âKB4561621 (OS Build 17134.1550)
2020-06-09 07:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4561616)
2020-06-10 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4561602)
2020-06-10 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4561608)
2020-06-10 00:00:00
nessus
nessus
KB4561616: Windows 10 Version 1607 and Windows Server 2016 June 2020 Security Update
2020-06-09 00:00:00
KB4561602: Windows 10 Version 1709 June 2020 Security Update
2020-06-09 00:00:00
KB4561621: Windows 10 Version 1803 June 2020 Security Update
2020-06-09 00:00:00
kaspersky
kaspersky
KLA11807 Multiple vulnerabilities in Microsoft Windows
2020-06-09 00:00:00
avleonov
avleonov
Microsoft Patch Tuesday June 2020: The Bleeding Ghost of SMB
2020-06-23 01:31:46
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
6.7 Medium
AI Score
Confidence
High
0.116 Low
EPSS
Percentile
95.3%
Related for CVE-2020-1232