CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2020-1377 – Windows Registry Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2020-1377
An elevation of privilege vulnerability exists when the Windows Kernel API improperly handles registry objects in memory. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system. A locally authenticated attacker could exploit this vulnerability by running a specially crafted application. The security update addresses the vulnerability by helping to ensure that the Windows Kernel API properly handles objects in memory. Se presenta una vulnerabilidad de elevación de privilegios cuando la Windows Kernel API, maneja inapropiadamente los objetos de registro en memoria, también se conoce como "Windows Registry Elevation of Privilege Vulnerability". Este ID de CVE es diferente de CVE-2020-1378. The handling of KTM logs does not limit Registry Key operations to the loading hive leading to elevation of privilege. • http://packetstormsecurity.com/files/158938/Microsoft-Windows-CmpDoReDoCreateKey-Arbitrary-Registry-Key-Creation-Privilege-Escalation.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1377 •
CVSS: 7.8EPSS: 3%CPEs: 20EXPL: 0CVE-2020-1378 – Windows Registry Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2020-1378
An elevation of privilege vulnerability exists when the Windows Kernel API improperly handles registry objects in memory. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system. A locally authenticated attacker could exploit this vulnerability by running a specially crafted application. The security update addresses the vulnerability by helping to ensure that the Windows Kernel API properly handles objects in memory. Se presenta una vulnerabilidad de elevación de privilegios cuando la Windows Kernel API, maneja inapropiadamente los objetos de registro en memoria, también se conoce como "Windows Registry Elevation of Privilege Vulnerability". Este ID de CVE es diferente de CVE-2020-1377. The handling of KTM logs when initializing a Registry Hive contains no bounds checks which results in privilege escalation. • http://packetstormsecurity.com/files/158939/Microsoft-Windows-CmpDoReadTxRBigLogRecord-Memory-Corruption-Privilege-Escalation.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1378 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 0%CPEs: 20EXPL: 0CVE-2020-1339 – Windows Media Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-1339
A remote code execution vulnerability exists when Windows Media Audio Codec improperly handles objects. An attacker who successfully exploited the vulnerability could take control of an affected system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit a malicious webpage. The security update addresses the vulnerability by correcting how Windows Media Audio Codec handles objects. Se presenta una vulnerabilidad de ejecución de código remota cuando Windows Media Audio Codec, maneja inapropiadamente los objetos, también se conoce como "Windows Media Remote Code Execution Vulnerability". • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1339 •
CVSS: 8.8EPSS: 0%CPEs: 20EXPL: 0CVE-2020-1492 – Media Foundation Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2020-1492
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit a malicious webpage. The security update addresses the vulnerability by correcting how Windows Media Foundation handles objects in memory. Se presenta una vulnerabilidad de corrupción de memoria cuando Windows Media Foundation maneja inapropiadamente objetos en memoria, también se conoce como "Media Foundation Memory Corruption Vulnerability". Este ID de CVE es diferente de CVE-2020-1379, CVE-2020-1477, CVE-2020-1478, CVE-2020-1525, CVE-2020-1554. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1492 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 20EXPL: 0CVE-2020-1509 – Local Security Authority Subsystem Service Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2020-1509
An elevation of privilege vulnerability exists in the Local Security Authority Subsystem Service (LSASS) when an authenticated attacker sends a specially crafted authentication request. A remote attacker who successfully exploited this vulnerability could cause an elevation of privilege on the target system's LSASS service. The security update addresses the vulnerability by changing the way that LSASS handles specially crafted authentication requests. Se presenta una vulnerabilidad de elevación de privilegios en el Local Security Authority Subsystem Service (LSASS) cuando un atacante autenticado envía una petición de autenticación especialmente diseñada, también se conoce como "Local Security Authority Subsystem Service Elevation of Privilege Vulnerability". On Microsoft Windows 10 1909, LSASS does not correctly enforce the Enterprise Authentication Capability which allows any AppContainer to perform network authentication with the user's credentials. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1509 •