Lucene search

MicrosoftCVE-2020-0939

HistoryApr 15, 2020 - 3:15 p.m.

CVE-2020-0939

2020-04-1515:15:16

microsoft

web.nvd.nist.gov

cve

2020

0939

media foundation

information disclosure

vulnerability

nvd

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

AI Score

5.6

Confidence

High

EPSS

0.003

Percentile

70.6%

JSON

An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory, aka ‘Media Foundation Information Disclosure Vulnerability’. This CVE ID is unique from CVE-2020-0937, CVE-2020-0945, CVE-2020-0946, CVE-2020-0947.

Affected configurations

Nvd

Node

microsoftwindows_10Match1903

microsoftwindows_10Match1909

microsoftwindows_server_2016Match1903

microsoftwindows_server_2016Match1909

VendorProductVersionCPE
microsoftwindows_101903cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*
microsoftwindows_101909cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*
microsoftwindows_server_20161903cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*
microsoftwindows_server_20161909cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
microsoft	windows_10	1903	cpe:2.3:o:microsoft:windows_10:1903:::::::*
microsoft	windows_10	1909	cpe:2.3:o:microsoft:windows_10:1909:::::::*
microsoft	windows_server_2016	1903	cpe:2.3:o:microsoft:windows_server_2016:1903:::::::*
microsoft	windows_server_2016	1909	cpe:2.3:o:microsoft:windows_server_2016:1909:::::::*

CNA Affected

[
  {
    "product": "Windows 10 Version 1909 for 32-bit Systems",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Windows 10 Version 1909 for x64-based Systems",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Windows 10 Version 1909 for ARM64-based Systems",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Windows Server, version 1909 (Server Core installation)",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Windows 10 Version 1903 for 32-bit Systems",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Windows 10 Version 1903 for x64-based Systems",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Windows 10 Version 1903 for ARM64-based Systems",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Windows Server, version 1903 (Server Core installation)",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  }
]