CVSS: 10.0EPSS: 0%CPEs: 17EXPL: 0CVE-2020-1467 – Windows Hard Link Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2020-1467
An elevation of privilege vulnerability exists when Windows improperly handles hard links. An attacker who successfully exploited this vulnerability could overwrite a targeted file leading to an elevated status. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The security update addresses the vulnerability by correcting how Windows handles hard links. Se presenta una vulnerabilidad de elevación de privilegios cuando Windows, maneja inapropiadamente unos enlaces físicos, también se conoce como "Windows Hard Link Elevation of Privilege Vulnerability". • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1467 •
CVSS: 7.8EPSS: 23%CPEs: 20EXPL: 0CVE-2020-1464 – Microsoft Windows Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2020-1464
A spoofing vulnerability exists when Windows incorrectly validates file signatures. An attacker who successfully exploited this vulnerability could bypass security features and load improperly signed files. In an attack scenario, an attacker could bypass security features intended to prevent improperly signed files from being loaded. The update addresses the vulnerability by correcting how Windows validates file signatures. Se presenta una vulnerabilidad de suplantación de identidad cuando Windows, comprueba inapropiadamente las firmas de archivos, también se conoce como "Windows Spoofing Vulnerability". Microsoft Windows contains a spoofing vulnerability when Windows incorrectly validates file signatures, allowing an attacker to bypass security features and load improperly signed files. • https://blog.virustotal.com/2019/01/distribution-of-malicious-jar-appended.html https://krebsonsecurity.com/2020/08/microsoft-put-off-fixing-zero-day-for-2-years https://medium.com/%40TalBeerySec/glueball-the-story-of-cve-2020-1464-50091a1f98bd https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1464 • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 5.5EPSS: 0%CPEs: 19EXPL: 0CVE-2020-1383 – Windows RRAS Service Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2020-1383
An information disclosure vulnerability exists in RPC if the server has Routing and Remote Access enabled. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system To exploit this vulnerability, an attacker would need to run a specially crafted application against an RPC server which has Routing and Remote Access enabled. Routing and Remote Access is a non-default configuration; systems without it enabled are not vulnerable. The security update addresses the vulnerability by correcting how the Routing and Remote Access service handles requests. Se presenta una vulnerabilidad de divulgación de información en RPC si el servidor tiene habilitado Routing y Remote Access, también se conoce como "Windows RRAS Service Information Disclosure Vulnerability". • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1383 •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2020-1379 – Media Foundation Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2020-1379
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit a malicious webpage. The security update addresses the vulnerability by correcting how Windows Media Foundation handles objects in memory. Se presenta una vulnerabilidad de corrupción de memoria cuando Windows Media Foundation maneja inapropiadamente objetos en memoria, también se conoce como "Media Foundation Memory Corruption Vulnerability". Este ID de CVE es diferente de CVE-2020-1477, CVE-2020-1478, CVE-2020-1492, CVE-2020-1525, CVE-2020-1554. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1379 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 20%CPEs: 17EXPL: 0CVE-2020-1380 – Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2020-1380
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. • http://packetstormsecurity.com/files/163056/Internet-Explorer-jscript9.dll-Memory-Corruption.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1380 • CWE-787: Out-of-bounds Write •