Lucene search
Hossein Lotfi of Trend Micro Zero Day InitiativeZDI-20-457HistoryApr 15, 2020 - 12:00 a.m.
Microsoft Windows JET Database Engine Out-Of-Bounds Write Remote Code Execution Vulnerability
2020-04-1500:00:00
Hossein Lotfi of Trend Micro Zero Day Initiative
www.zerodayinitiative.com
21
EPSS
0.014
Percentile
86.3%
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the JET database engine. Crafted data in an MDB file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.
Related
mscve
mscve
Jet Database Engine Remote Code Execution Vulnerability
2020-04-14 07:00:00
prion
prion
Remote code execution
2020-04-15 15:15:00
Remote code execution
2020-04-15 15:15:00
Remote code execution
2020-04-15 15:15:00
cvelist
cvelist
nvd
nvd
cve
cve
mskb
mskb
April 14, 2020âKB4550957 (Security-only update)
2020-04-14 07:00:00
April 14, 2020âKB4550965 (Security-only update)
2020-04-14 07:00:00
April 14, 2020âKB4550951 (Monthly Rollup)
2020-04-14 07:00:00
nessus
nessus
KB4550957: Windows Server 2008 April 2020 Security Update
2020-04-14 00:00:00
KB4550970: Windows 8.1 and Windows Server 2012 R2 April 2020 Security Update
2020-04-14 00:00:00
KB4550971: Windows Server 2012 April 2020 Security Update
2020-04-14 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4550964)
2020-04-15 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4550961)
2020-04-15 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4550930)
2020-04-15 00:00:00
kaspersky
kaspersky
KLA11743 Multiple vulnerabilities in Microsoft products (ESU)
2020-04-14 00:00:00
KLA11744 Multiple vulnerabilities in Microsoft Windows
2020-04-14 00:00:00
avleonov
avleonov