Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
zdiHossein Lotfi of Trend Micro Zero Day InitiativeZDI-20-458
HistoryApr 15, 2020 - 12:00 a.m.

Microsoft Windows JET Database Engine Stack-based Buffer Overflow Remote Code Execution Vulnerability

2020-04-1500:00:00
Hossein Lotfi of Trend Micro Zero Day Initiative
www.zerodayinitiative.com
11

0.01 Low

EPSS

Percentile

83.9%

JSON

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the JET database engine. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.

Related

mscve 1
cve 10
prion 10
nvd 10
cvelist 10
mskb 14
nessus 10
openvas 8
kaspersky 2
avleonov 1
mscve
mscve
Jet Database Engine Remote Code Execution Vulnerability
2020-04-14 07:00:00
cve
cve
CVE-2020-0959
2020-04-15 15:15:17
CVE-2020-0999
2020-04-15 15:15:19
CVE-2020-0988
2020-04-15 15:15:19
prion
prion
Remote code execution
2020-04-15 15:15:00
Remote code execution
2020-04-15 15:15:00
Remote code execution
2020-04-15 15:15:00
nvd
nvd
CVE-2020-0992
2020-04-15 15:15:19
CVE-2020-0994
2020-04-15 15:15:19
CVE-2020-0995
2020-04-15 15:15:19
cvelist
cvelist
CVE-2020-0889
2020-04-15 15:12:43
CVE-2020-0960
2020-04-15 15:13:04
CVE-2020-0999
2020-04-15 15:13:19
mskb
mskb
April 14, 2020—KB4550957 (Security-only update)
2020-04-14 07:00:00
April 14, 2020—KB4550951 (Monthly Rollup)
2020-04-14 07:00:00
April 14, 2020—KB4550971 (Security-only update)
2020-04-14 07:00:00
nessus
nessus
KB4550957: Windows Server 2008 April 2020 Security Update
2020-04-14 00:00:00
KB4550965: Windows 7 and Windows Server 2008 R2 April 2020 Security Update
2020-04-14 00:00:00
KB4550970: Windows 8.1 and Windows Server 2012 R2 April 2020 Security Update
2020-04-14 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4550961)
2020-04-15 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4550964)
2020-04-15 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4550930)
2020-04-15 00:00:00
kaspersky
kaspersky
KLA11743 Multiple vulnerabilities in Microsoft products (ESU)
2020-04-14 00:00:00
KLA11744 Multiple vulnerabilities in Microsoft Windows
2020-04-14 00:00:00
avleonov
avleonov
Microsoft Patch Tuesday April 2020: my classification script, confusing RCE in Adobe Type Manager and updates for older vulnerabilities
2020-04-26 01:24:38

0.01 Low

EPSS

Percentile

83.9%

JSON
Related for ZDI-20-458
mscve1cve10prion10nvd10cvelist10mskb14nessus10openvas8kaspersky2avleonov1