Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2020-1408
HistoryJul 14, 2020 - 11:15 p.m.

CVE-2020-1408

2020-07-1423:15:17
CWE-346
[email protected]
web.nvd.nist.gov
82
cve-2020-1408
remote code execution
windows font library
nvd
microsoft graphics

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

7.3

Confidence

High

EPSS

0.03

Percentile

90.9%

JSON

A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka ‘Microsoft Graphics Remote Code Execution Vulnerability’.

Affected configurations

Vulners
NVD
Node
microsoftwindows_10Match1803x32
OR
microsoftwindows_10Match1803x64
OR
microsoftwindows_10Match1803arm64
OR
microsoftwindows_10Match1809x32
OR
microsoftwindows_10Match1809x64
OR
microsoftwindows_10Match1809arm64
OR
microsoftwindows_10Match1709x32
OR
microsoftwindows_10Match1709x64
OR
microsoftwindows_10Match1709arm64
OR
microsoftwindows_10x32
OR
microsoftwindows_10x64
OR
microsoftwindows_10Match1607x32
OR
microsoftwindows_10Match1607x64
OR
microsoftwindows_7sp1x32
OR
microsoftwindows_7sp1x64
OR
microsoftwindows_10Match8.1x32
OR
microsoftwindowsMatch8.1x64
OR
microsoftwindows_rtMatch8.1
Node
microsoftwindows_server_2019
OR
microsoftwindows_server_2019
OR
microsoftwindows_server_2016
OR
microsoftwindows_server_2016
OR
microsoftwindows_server_2008sp2x32
OR
microsoftwindows_server_2008sp2x32
OR
microsoftwindows_server_2008sp2x64
OR
microsoftwindows_server_2008sp2x64
OR
microsoftwindows_server_2008_r2sp1x64
OR
microsoftwindows_server_2008_r2sp1x64
OR
microsoftwindows_server_2012
OR
microsoftwindows_server_2012
OR
microsoftwindows_server_2012r2
OR
microsoftwindows_server_2012r2
VendorProductVersionCPE
microsoftwindows_10_2004 for 32-bit systemsunspecifiedcpe:2.3:o:microsoft:windows_10_2004 for 32-bit systems:unspecified:*:*:*:*:*:*:*
microsoftwindows_10_2004 for arm64-based systemsunspecifiedcpe:2.3:o:microsoft:windows_10_2004 for arm64-based systems:unspecified:*:*:*:*:*:*:*
microsoftwindows_10_2004 for x64-based systemsunspecifiedcpe:2.3:o:microsoft:windows_10_2004 for x64-based systems:unspecified:*:*:*:*:*:*:*
microsoftwindows_server,_version_2004unspecifiedcpe:2.3:o:microsoft:windows_server,_version_2004:unspecified:*:*:*:*:*:*:*
microsoftwindows*cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
microsoftwindows*cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
microsoftwindows*cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
microsoftwindows*cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
microsoftwindows*cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
microsoftwindows*cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
Rows per page:
1-10 of 441

CNA Affected

[
  {
    "product": "Windows 10 Version 2004 for 32-bit Systems",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Windows 10 Version 2004 for ARM64-based Systems",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Windows 10 Version 2004 for x64-based Systems",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Windows Server, version 2004 (Server Core installation)",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Windows",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "10 Version 1803 for 32-bit Systems"
      },
      {
        "status": "affected",
        "version": "10 Version 1803 for x64-based Systems"
      },
      {
        "status": "affected",
        "version": "10 Version 1803 for ARM64-based Systems"
      },
      {
        "status": "affected",
        "version": "10 Version 1809 for 32-bit Systems"
      },
      {
        "status": "affected",
        "version": "10 Version 1809 for x64-based Systems"
      },
      {
        "status": "affected",
        "version": "10 Version 1809 for ARM64-based Systems"
      },
      {
        "status": "affected",
        "version": "10 Version 1709 for 32-bit Systems"
      },
      {
        "status": "affected",
        "version": "10 Version 1709 for x64-based Systems"
      },
      {
        "status": "affected",
        "version": "10 Version 1709 for ARM64-based Systems"
      },
      {
        "status": "affected",
        "version": "10 for 32-bit Systems"
      },
      {
        "status": "affected",
        "version": "10 for x64-based Systems"
      },
      {
        "status": "affected",
        "version": "10 Version 1607 for 32-bit Systems"
      },
      {
        "status": "affected",
        "version": "10 Version 1607 for x64-based Systems"
      },
      {
        "status": "affected",
        "version": "7 for 32-bit Systems Service Pack 1"
      },
      {
        "status": "affected",
        "version": "7 for x64-based Systems Service Pack 1"
      },
      {
        "status": "affected",
        "version": "8.1 for 32-bit systems"
      },
      {
        "status": "affected",
        "version": "8.1 for x64-based systems"
      },
      {
        "status": "affected",
        "version": "RT 8.1"
      }
    ]
  },
  {
    "product": "Windows Server",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "2019"
      },
      {
        "status": "affected",
        "version": "2019  (Core installation)"
      },
      {
        "status": "affected",
        "version": "2016"
      },
      {
        "status": "affected",
        "version": "2016  (Core installation)"
      },
      {
        "status": "affected",
        "version": "2008 for 32-bit Systems Service Pack 2"
      },
      {
        "status": "affected",
        "version": "2008 for 32-bit Systems Service Pack 2 (Core installation)"
      },
      {
        "status": "affected",
        "version": "2008 for x64-based Systems Service Pack 2"
      },
      {
        "status": "affected",
        "version": "2008 for x64-based Systems Service Pack 2 (Core installation)"
      },
      {
        "status": "affected",
        "version": "2008 R2 for x64-based Systems Service Pack 1"
      },
      {
        "status": "affected",
        "version": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)"
      },
      {
        "status": "affected",
        "version": "2012"
      },
      {
        "status": "affected",
        "version": "2012 (Core installation)"
      },
      {
        "status": "affected",
        "version": "2012 R2"
      },
      {
        "status": "affected",
        "version": "2012 R2 (Core installation)"
      }
    ]
  },
  {
    "product": "Windows 10 Version 1909 for 32-bit Systems",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Windows 10 Version 1909 for x64-based Systems",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Windows 10 Version 1909 for ARM64-based Systems",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Windows Server, version 1909 (Server Core installation)",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Windows 10 Version 1903 for 32-bit Systems",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Windows 10 Version 1903 for x64-based Systems",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Windows 10 Version 1903 for ARM64-based Systems",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Windows Server, version 1903 (Server Core installation)",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  }
]

Related

prion 2
cvelist 2
nvd 2
mscve 1
cve 1
nessus 13
openvas 11
debiancve 1
osv 1
ubuntucve 1
mskb 15
kaspersky 2
avleonov 1
prion
prion
Remote code execution
2020-07-14 23:15:00
Code injection
2020-06-09 14:15:00
cvelist
cvelist
CVE-2020-1408
2020-07-14 22:54:30
CVE-2020-13977
2020-06-09 13:06:56
nvd
nvd
CVE-2020-1408
2020-07-14 23:15:17
CVE-2020-13977
2020-06-09 14:15:10
mscve
mscve
Microsoft Graphics Remote Code Execution Vulnerability
2020-07-14 07:00:00
cve
cve
CVE-2020-13977
2020-06-09 14:15:10
nessus
nessus
Fedora 33 : nagios (2021-5689072a7e)
2021-03-08 00:00:00
Fedora 32 : nagios (2021-b5e897a2e5)
2021-03-08 00:00:00
KB4565529: Windows Server 2008 July 2020 Security Update
2020-07-14 00:00:00
openvas
openvas
Nagios Core < 4.4.6 Multiple Vulnerabilities
2020-06-15 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4565536)
2020-07-15 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4565524)
2020-07-15 00:00:00
debiancve
debiancve
CVE-2020-13977
2020-06-09 14:15:10
osv
osv
CVE-2020-13977
2020-06-09 14:15:10
ubuntucve
ubuntucve
CVE-2020-13977
2020-06-09 00:00:00
mskb
mskb
July 14, 2020—KB4565536 (Monthly Rollup)
2020-07-14 07:00:00
July 14, 2020—KB4565529 (Security-only update)
2020-07-14 07:00:00
July 14, 2020—KB4565539 (Security-only update)
2020-07-14 07:00:00
kaspersky
kaspersky
KLA11863 Multiple vulnerabilities in Microsoft Products (ESU)
2020-07-14 00:00:00
KLA11865 Multiple vulnerabilities in Microsoft Windows
2020-07-14 00:00:00
avleonov
avleonov
Microsoft Patch Tuesday July 2020: my new open source project Vulristics, DNS SIGRed, RDP Client and SharePoint
2020-08-02 04:05:22

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

7.3

Confidence

High

EPSS

0.03

Percentile

90.9%

JSON
Related for CVE-2020-1408
prion2cvelist2nvd2mscve1cve1nessus13openvas11debiancve1osv1ubuntucve1mskb15kaspersky2avleonov1