Lucene search
Hossein Lotfi of Trend Micro Zero Day InitiativeZDI-20-924HistoryJul 23, 2020 - 12:00 a.m.
Microsoft Windows JET Database Engine Integer Underflow Remote Code Execution Vulnerability
2020-07-2300:00:00
Hossein Lotfi of Trend Micro Zero Day Initiative
www.zerodayinitiative.com
25
0.009 Low
EPSS
Percentile
82.5%
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the JET database engine. Crafted data in an MDB file can trigger an integer underflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of the current process.
Related
mscve
mscve
Jet Database Engine Remote Code Execution Vulnerability
2020-07-14 07:00:00
cnvd
cnvd
nvd
nvd
prion
prion
Remote code execution
2020-07-14 23:15:00
Remote code execution
2020-07-14 23:15:00
Remote code execution
2020-07-14 23:15:00
cvelist
cvelist
cve
cve
mskb
mskb
July 14, 2020âKB4565536 (Monthly Rollup)
2020-07-14 07:00:00
July 14, 2020âKB4565529 (Security-only update)
2020-07-14 07:00:00
July 14, 2020âKB4565539 (Security-only update)
2020-07-14 07:00:00
nessus
nessus
KB4565529: Windows Server 2008 July 2020 Security Update
2020-07-14 00:00:00
KB4565539: Windows 7 and Windows Server 2008 R2 July 2020 Security Update
2020-07-14 00:00:00
KB4565540: Windows 8.1 and Windows Server 2012 R2 July 2020 Security Update
2020-07-14 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4565536)
2020-07-15 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4565524)
2020-07-15 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4565541)
2020-07-15 00:00:00
kaspersky
kaspersky
KLA11863 Multiple vulnerabilities in Microsoft Products (ESU)
2020-07-14 00:00:00
KLA11865 Multiple vulnerabilities in Microsoft Windows
2020-07-14 00:00:00
avleonov
avleonov