A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.
There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit a malicious webpage.
The security update addresses the vulnerability by correcting how Windows Media Foundation handles objects in memory.
References
Link | Resource |
---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1379 | Patch Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: microsoft
Published: 2020-08-17T19:13:00
Updated: 2024-05-29T16:32:46.237Z
Reserved: 2019-11-04T00:00:00
Link: CVE-2020-1379
JSON object: View
NVD Information
Status : Modified
Published: 2020-08-17T19:15:14.473
Modified: 2024-01-19T00:15:10.260
Link: CVE-2020-1379
JSON object: View
Redhat Information
No data.
CWE