Vulnerability in Microsoft Windows
CVE-2020-1436
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted fonts.For all systems except Windows 10, an attacker who successfully exploited the vulnerability could execute code remotely…
EPSS: 0.133 (94.3th percentile) — read the EPSS interpretation.
Affected products
- Microsoft Windows — versions 10 Version 1803 for 32-bit Systems, 10 Version 1803 for x64-based Systems, 10 Version 1803 for ARM64-based Systems
- Microsoft Windows 10 Version 1903 For 32-bit Systems — versions unspecified
- Microsoft Windows 10 Version 1903 For Arm64-based Systems — versions unspecified
- Microsoft Windows 10 Version 1903 For X64-based Systems — versions unspecified
- Microsoft Windows 10 Version 1909 For 32-bit Systems — versions unspecified
- Microsoft Windows 10 Version 1909 For Arm64-based Systems — versions unspecified
- Microsoft Windows 10 Version 1909 For X64-based Systems — versions unspecified
- Microsoft Windows 10 Version 2004 For 32-bit Systems — versions unspecified
- Microsoft Windows 10 Version 2004 For Arm64-based Systems — versions unspecified
- Microsoft Windows 10 Version 2004 For X64-based Systems — versions unspecified
References
- portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1436 (x_refsource_MISC)
- www.zerodayinitiative.com/advisories/ZDI-20-877/ (x_refsource_MISC)
- [oss-security] 20200825 X.Org server security advisory: August 25, 2020 (mailing-list, x_refsource_MLIST)
- [oss-security] 20200825 Re: X.Org server security advisory: August 25, 2020 (mailing-list, x_refsource_MLIST)