Lucene search
@expend20ZDI-20-923HistoryJul 23, 2020 - 12:00 a.m.
Microsoft Windows LNK File Parsing Type Confusion Remote Code Execution Vulnerability
2020-07-2300:00:00
@expend20
www.zerodayinitiative.com
42
0.095 Low
EPSS
Percentile
94.8%
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of LNK files in StructuredQuery.dll. A crafted LeafCondition element can trigger a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process.
Related
mscve
mscve
LNK Remote Code Execution Vulnerability
2020-07-14 07:00:00
cve
cve
CVE-2020-1421
2020-07-14 23:15:18
prion
prion
Remote code execution
2020-07-14 23:15:00
cvelist
cvelist
CVE-2020-1421
2020-07-14 22:54:36
nvd
nvd
CVE-2020-1421
2020-07-14 23:15:18
krebs
krebs
โWormableโ Flaw Leads July Microsoft Patches
2020-07-14 21:45:28
mskb
mskb
July 14, 2020โKB4565536 (Monthly Rollup)
2020-07-14 07:00:00
July 14, 2020โKB4565529 (Security-only update)
2020-07-14 07:00:00
July 14, 2020โKB4565539 (Security-only update)
2020-07-14 07:00:00
nessus
nessus
KB4565529: Windows Server 2008 July 2020 Security Update
2020-07-14 00:00:00
KB4565539: Windows 7 and Windows Server 2008 R2 July 2020 Security Update
2020-07-14 00:00:00
KB4565540: Windows 8.1 and Windows Server 2012 R2 July 2020 Security Update
2020-07-14 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4565536)
2020-07-15 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4565524)
2020-07-15 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4565541)
2020-07-15 00:00:00
kaspersky
kaspersky
KLA11863 Multiple vulnerabilities in Microsoft Products (ESU)
2020-07-14 00:00:00
KLA11865 Multiple vulnerabilities in Microsoft Windows
2020-07-14 00:00:00
avleonov
avleonov