Описание
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, , obtain sensitive information, spoof user interface, cause denial of service.
Below is a complete list of vulnerabilities:
- A memory corruption vulnerability in Media Foundation can be exploited remotely via specially crafted document to execute arbitrary code.
- An elevation of privilege vulnerability in Windows Storage Service can be exploited remotely via specially crafted application to gain privileges.
- An elevation of privilege vulnerability in Windows Work Folder Service can be exploited remotely via specially crafted application to gain privileges.
- An elevation of privilege vulnerability in Windows Runtime can be exploited remotely via specially crafted application to gain privileges.
- An elevation of privilege vulnerability in Windows CDP User Components can be exploited remotely via specially crafted application to gain privileges.
- An elevation of privilege vulnerability in Windows Backup Engine can be exploited remotely via specially crafted application to gain privileges.
- An elevation of privilege vulnerability in Windows WalletService can be exploited remotely via specially crafted application to gain privileges.
- A remote code execution vulnerability in Jet Database Engine can be exploited remotely via specially crafted file to execute arbitrary code.
- An elevation of privilege vulnerability in Windows Kernel can be exploited remotely via specially crafted application to gain privileges.
- Security vulnerability in Windows can be exploited to bypass security restrictions and cause denial of service.
- An elevation of privilege vulnerability in Windows CSC Service can be exploited remotely via specially crafted application to gain privileges.
- An elevation of privilege vulnerability in Windows Work Folders Service can be exploited remotely via specially crafted application to gain privileges.
- An information disclosure vulnerability in Windows Image Acquisition Service can be exploited remotely via specially crafted application to obtain sensitive information.
- An information disclosure vulnerability in Media Foundation can be exploited remotely via specially crafted file to obtain sensitive information.
- An elevation of privilege vulnerability in Windows GDI can be exploited remotely via specially crafted application to gain privileges.
- An elevation of privilege vulnerability in Windows can be exploited remotely via specially crafted application to gain privileges.
- A remote code execution vulnerability in Microsoft Graphics Components can be exploited remotely via specially crafted file to execute arbitrary code.
- A remote code execution vulnerability in Microsoft Windows Codecs Library can be exploited remotely via specially crafted image to execute arbitrary code.
- An information disclosure vulnerability in Windows Kernel can be exploited remotely via specially crafted application to obtain sensitive information.
- An elevation of privilege vulnerability in Windows Function Discovery SSDP Provider can be exploited remotely via specially crafted application to gain privileges.
- An elevation of privilege vulnerability in Windows Setup can be exploited remotely to gain privileges.
- An information disclosure vulnerability in DirectWrite can be exploited remotely via specially crafted document to obtain sensitive information.
- An elevation of privilege vulnerability in Netlogon can be exploited remotely via specially crafted application to gain privileges.
- An elevation of privilege vulnerability in Windows Server Resource Management Service can be exploited remotely via specially crafted application to gain privileges.
- An elevation of privilege vulnerability in DirectX can be exploited remotely via specially crafted application to gain privileges.
- An elevation of privilege vulnerability in Windows dnsrslvr.dll can be exploited remotely via specially crafted application to gain privileges.
- An elevation of privilege vulnerability in Windows Ancillary Function Driver for WinSock can be exploited remotely via specially crafted application to gain privileges.
- A remote code execution vulnerability in Windows Media can be exploited remotely via specially crafted document to execute arbitrary code.
- An elevation of privilege vulnerability in Windows Print Spooler can be exploited remotely via specially crafted script to gain privileges.
- An elevation of privilege vulnerability in Local Security Authority Subsystem Service can be exploited remotely via specially crafted authentication to gain privileges.
- An elevation of privilege vulnerability in Windows Hard Link can be exploited remotely via specially crafted application to gain privileges.
- A spoofing vulnerability in Windows can be exploited remotely to spoof user interface.
- An information disclosure vulnerability in Windows RRAS Service can be exploited remotely via specially crafted application to obtain sensitive information.
- An information disclosure vulnerability in Windows ARM can be exploited remotely via specially crafted application to obtain sensitive information.
- An elevation of privilege vulnerability in Windows File Server Resource Management Service can be exploited remotely via specially crafted application to gain privileges.
- An elevation of privilege vulnerability in Windows UPnP Device Host can be exploited remotely via specially crafted application to gain privileges.
- An elevation of privilege vulnerability in Windows Telephony Server can be exploited remotely via specially crafted application to gain privileges.
- An information disclosure vulnerability in Windows State Repository Service can be exploited remotely via specially crafted application to obtain sensitive information.
- An information disclosure vulnerability in Win32k can be exploited remotely via specially crafted application to obtain sensitive information.
- An elevation of privilege vulnerability in Connected User Experiences and Telemetry Service can be exploited remotely via specially crafted application to gain privileges.
- An elevation of privilege vulnerability in Windows Radio Manager API can be exploited remotely via specially crafted application to gain privileges.
- An elevation of privilege vulnerability in Windows Speech Runtime can be exploited remotely via specially crafted application to gain privileges.
- A remote code execution vulnerability in Windows Font Driver Host can be exploited remotely to execute arbitrary code.
- An elevation of privilege vulnerability in Windows Custom Protocol Engine can be exploited remotely via specially crafted application to gain privileges.
- An elevation of privilege vulnerability in Windows Network Connection Broker can be exploited remotely via specially crafted application to gain privileges.
- An elevation of privilege vulnerability in Windows Speech Shell Components can be exploited remotely via specially crafted application to gain privileges.
- An elevation of privilege vulnerability in Windows Backup Service can be exploited remotely via specially crafted application to gain privileges.
- An elevation of privilege vulnerability in Windows Remote Access can be exploited remotely via specially crafted application to gain privileges.
- An elevation of privilege vulnerability in Windows Accounts Control can be exploited remotely via specially crafted application to gain privileges.
- A denial of service vulnerability in Windows Remote Desktop Gateway (RD Gateway) can be exploited remotely via specially crafted requests to cause denial of service.
- An elevation of privilege vulnerability in Windows Registry can be exploited remotely via specially crafted application to gain privileges.
- An information disclosure vulnerability in Windows WaasMedic Service can be exploited remotely via specially crafted application to obtain sensitive information.
Первичный источник обнаружения
- CVE-2020-1492
CVE-2020-1490
CVE-2020-1552
CVE-2020-1553
CVE-2020-1550
CVE-2020-1551
CVE-2020-1556
CVE-2020-1557
CVE-2020-1554
CVE-2020-1558
CVE-2020-1417
CVE-2020-1488
CVE-2020-1489
CVE-2020-1484
CVE-2020-1485
CVE-2020-1486
CVE-2020-1487
CVE-2020-1480
CVE-2020-1566
CVE-2020-1565
CVE-2020-1564
CVE-2020-1562
CVE-2020-1561
CVE-2020-1560
CVE-2020-1578
CVE-2020-1579
CVE-2020-1571
CVE-2020-1574
CVE-2020-1577
CVE-2020-1470
CVE-2020-1473
CVE-2020-1472
CVE-2020-1475
CVE-2020-1474
CVE-2020-1477
CVE-2020-1479
CVE-2020-1478
CVE-2020-1585
CVE-2020-1584
CVE-2020-1587
CVE-2020-1339
CVE-2020-1337
CVE-2020-1509
CVE-2020-1467
CVE-2020-1464
CVE-2020-1383
CVE-2020-1459
CVE-2020-1518
CVE-2020-1519
CVE-2020-1516
CVE-2020-1517
CVE-2020-1515
CVE-2020-1512
CVE-2020-1513
CVE-2020-1510
CVE-2020-1511
CVE-2020-1529
CVE-2020-1528
CVE-2020-1522
CVE-2020-1521
CVE-2020-1520
CVE-2020-1527
CVE-2020-1526
CVE-2020-1525
CVE-2020-1524
CVE-2020-1534
CVE-2020-1535
CVE-2020-1536
CVE-2020-1537
CVE-2020-1530
CVE-2020-1531
CVE-2020-1533
CVE-2020-1466
CVE-2020-1538
CVE-2020-1539
CVE-2020-1377
CVE-2020-1378
CVE-2020-1379
CVE-2020-1541
CVE-2020-1540
CVE-2020-1543
CVE-2020-1542
CVE-2020-1545
CVE-2020-1544
CVE-2020-1547
CVE-2020-1546
CVE-2020-1549
CVE-2020-1548
Эксплуатация
Public exploits exist for this vulnerability.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Связанные продукты
- Microsoft-Windows
- Microsoft-Windows-Server
- Microsoft-Windows-Server-2012
- Microsoft-Windows-8
- Microsoft-Windows-7
- Microsoft-Windows-Server-2008
- Windows-RT
- Microsoft-Windows-10
Список CVE
- CVE-2020-1488 high
- CVE-2020-1379 high
- CVE-2020-1537 critical
- CVE-2020-1383 high
- CVE-2020-1475 critical
- CVE-2020-1545 critical
- CVE-2020-1579 critical
- CVE-2020-1470 critical
- CVE-2020-1536 critical
- CVE-2020-1577 critical
- CVE-2020-1552 critical
- CVE-2020-1535 critical
- CVE-2020-1473 high
- CVE-2020-1551 critical
- CVE-2020-1530 critical
- CVE-2020-1474 critical
- CVE-2020-1518 critical
- CVE-2020-1519 critical
- CVE-2020-1516 critical
- CVE-2020-1478 critical
- CVE-2020-1558 critical
- CVE-2020-1515 critical
- CVE-2020-1538 critical
- CVE-2020-1539 critical
- CVE-2020-1557 high
- CVE-2020-1554 critical
- CVE-2020-1472 high
- CVE-2020-1517 critical
- CVE-2020-1484 critical
- CVE-2020-1485 high
- CVE-2020-1486 critical
- CVE-2020-1544 critical
- CVE-2020-1529 critical
- CVE-2020-1584 critical
- CVE-2020-1587 critical
- CVE-2020-1377 critical
- CVE-2020-1477 high
- CVE-2020-1339 critical
- CVE-2020-1337 critical
- CVE-2020-1378 critical
- CVE-2020-1564 critical
- CVE-2020-1562 critical
- CVE-2020-1513 critical
- CVE-2020-1541 critical
- CVE-2020-1540 critical
- CVE-2020-1543 critical
- CVE-2020-1542 critical
- CVE-2020-1534 critical
- CVE-2020-1467 critical
- CVE-2020-1464 critical
- CVE-2020-1546 critical
- CVE-2020-1547 critical
- CVE-2020-1520 critical
- CVE-2020-1489 critical
- CVE-2020-1492 critical
- CVE-2020-1490 critical
- CVE-2020-1553 critical
- CVE-2020-1550 critical
- CVE-2020-1556 critical
- CVE-2020-1417 high
- CVE-2020-1487 critical
- CVE-2020-1480 critical
- CVE-2020-1566 warning
- CVE-2020-1565 critical
- CVE-2020-1561 critical
- CVE-2020-1560 critical
- CVE-2020-1578 warning
- CVE-2020-1571 high
- CVE-2020-1574 high
- CVE-2020-1479 critical
- CVE-2020-1585 critical
- CVE-2020-1509 critical
- CVE-2020-1459 critical
- CVE-2020-1512 critical
- CVE-2020-1510 high
- CVE-2020-1511 critical
- CVE-2020-1528 critical
- CVE-2020-1522 critical
- CVE-2020-1521 critical
- CVE-2020-1527 critical
- CVE-2020-1526 critical
- CVE-2020-1525 critical
- CVE-2020-1524 critical
- CVE-2020-1531 critical
- CVE-2020-1533 critical
- CVE-2020-1466 critical
- CVE-2020-1549 critical
- CVE-2020-1548 critical
Список KB
Смотрите также
Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com
Нашли неточность в описании этой уязвимости? Дайте нам знать!