Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
zdiLm0963 of DBAppSecurity Zion LabZDI-20-876
HistoryJul 16, 2020 - 12:00 a.m.

Microsoft Windows mf3216 EMF EMR_SETDIBITSTODEVICE Out-Of-Bounds Read Information Disclosure Vulnerability

2020-07-1600:00:00
lm0963 of DBAppSecurity Zion Lab
www.zerodayinitiative.com
14

0.001 Low

EPSS

Percentile

31.5%

JSON

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of EMF images in mf3216.dll. A crafted EMR_SETDIBITSTODEVICE record in an EMF image can trigger a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process.

Related

mscve 1
zdi 1
prion 3
cve 3
nvd 3
cvelist 3
mskb 14
nessus 10
kaspersky 2
openvas 8
avleonov 1
mscve
mscve
Microsoft Graphics Component Information Disclosure Vulnerability
2020-04-14 07:00:00
zdi
zdi
Microsoft Windows EMF EMR_SETDIBITSTODEVICE Out-Of-Bounds Read Information Disclosure Vulnerability
2020-05-12 00:00:00
prion
prion
Information disclosure
2020-04-15 15:15:00
Information disclosure
2020-04-15 15:15:00
Information disclosure
2020-04-15 15:15:00
cve
cve
CVE-2020-0987
2020-04-15 15:15:19
CVE-2020-0982
2020-04-15 15:15:18
CVE-2020-1005
2020-04-15 15:15:20
nvd
nvd
CVE-2020-0987
2020-04-15 15:15:19
CVE-2020-0982
2020-04-15 15:15:18
CVE-2020-1005
2020-04-15 15:15:20
cvelist
cvelist
CVE-2020-0982
2020-04-15 15:13:14
CVE-2020-1005
2020-04-15 15:13:22
CVE-2020-0987
2020-04-15 15:13:15
mskb
mskb
April 14, 2020—KB4550957 (Security-only update)
2020-04-14 07:00:00
April 14, 2020—KB4550951 (Monthly Rollup)
2020-04-14 07:00:00
April 14, 2020—KB4550971 (Security-only update)
2020-04-14 07:00:00
nessus
nessus
KB4550957: Windows Server 2008 April 2020 Security Update
2020-04-14 00:00:00
KB4550965: Windows 7 and Windows Server 2008 R2 April 2020 Security Update
2020-04-14 00:00:00
KB4550970: Windows 8.1 and Windows Server 2012 R2 April 2020 Security Update
2020-04-14 00:00:00
kaspersky
kaspersky
KLA11743 Multiple vulnerabilities in Microsoft products (ESU)
2020-04-14 00:00:00
KLA11744 Multiple vulnerabilities in Microsoft Windows
2020-04-14 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4550964)
2020-04-15 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4550961)
2020-04-15 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4550930)
2020-04-15 00:00:00
avleonov
avleonov
Microsoft Patch Tuesday April 2020: my classification script, confusing RCE in Adobe Type Manager and updates for older vulnerabilities
2020-04-26 01:24:38

0.001 Low

EPSS

Percentile

31.5%

JSON
Related for ZDI-20-876
mscve1zdi1prion3cve3nvd3cvelist3mskb14nessus10kaspersky2openvas8avleonov1