Lucene search

MicrosoftMS:CVE-2020-1076

HistoryMay 12, 2020 - 7:00 a.m.

Windows Denial of Service Vulnerability

2020-05-1207:00:00

Microsoft

msrc.microsoft.com

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

Percentile

9.5%

JSON

A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding.

To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to cause a target system to stop responding.

The update addresses the vulnerability by correcting how Windows handles objects in memory.

Affected configurations

Vulners

Node

microsoftwindows_server_2012Range<2020-May

microsoftwindows_server\,_1803_\(server_core_installation\)Range<2020-May

microsoftwindows_server_2012Range<2020-Mayr2

microsoftwindows_rt_8.1Range<2020-May

microsoftwindows_server\,_version_1903Range<2020-May

microsoftwindows_10_1903_for_arm64-based_systemsRange<2020-May

microsoftwindows_server_2012Range<2020-Mayr2

microsoftwindows_10_1903_for_x64-based_systemsRange<2020-May

microsoftwindows_10_2004_for_32-bit_systemsRange<2020-May

microsoftwindows_server\,_1803_\(server_core_installation\)Range<2020-May

microsoftwindows_server_2016Range<2020-May

microsoftwindows_defender_on_windows_10_1607_for_x64-based_systemsRange<2020-May

microsoftwindows_defender_on_windows_10_1607_for_32-bit_systemsRange<2020-May

microsoftwindows_10_1903_for_x64-based_systemsRange<2020-May

microsoftwindows_10_2004_for_32-bit_systemsRange<2020-May

microsoftwindows_10_1903_for_x64-based_systemsRange<2020-May

microsoftwindows_10_1903_for_32-bit_systemsRange<2020-May

microsoftwindows_10_1709_for_arm64-based_systemsRange<2020-May

microsoftwindows_10_1709_for_x64-based_systemsRange<2020-May

microsoftwindows_10_1709_for_32-bit_systemsRange<2020-May

microsoftwindows_server\,_version_1909Range<2020-May

microsoftwindows_10_1909_for_arm64-based_systemsRange<2020-May

microsoftwindows_10_1909_for_x64-based_systemsRange<2020-May

microsoftwindows_10_1909_for_32-bit_systemsRange<2020-May

microsoftwindows_server\,_1803_\(server_core_installation\)Range<2020-May

microsoftwindows_server_2019Range<2020-May

microsoftwindows_10_1809_for_arm64-based_systemsRange<2020-May

microsoftwindows_10_1809_for_x64-based_systemsRange<2020-May

microsoftwindows_10_1809_for_32-bit_systemsRange<2020-May

microsoftwindows_10_1803_for_arm64-based_systemsRange<2020-May

microsoftwindows_server\,_1803_\(server_core_installation\)Range<2020-May

microsoftwindows_10_1803_for_x64-based_systemsRange<2020-May

microsoftwindows_10_1803_for_32-bit_systemsRange<2020-May

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

Percentile

9.5%

JSON

Related for MS:CVE-2020-1076