CVE-2020-1176
Microsoft Windows JET Database Engine Memory Corruption Remote Code Execution Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
20Public Exploits
0Exploited in Wild
-Decision
Descriptions
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1051, CVE-2020-1174, CVE-2020-1175.
Se presenta una vulnerabilidad de ejecución de código remota cuando el Windows Jet Database Engine maneja inapropiadamente objetos en memoria, también se conoce como "Jet Database Engine Remote Code Execution Vulnerability". Este ID de CVE es diferente de CVE-2020-1051, CVE-2020-1174, CVE-2020-1175.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the JET database engine. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2019-11-04 CVE Reserved
- 2020-05-12 CVE Published
- 2024-08-04 CVE Updated
- 2025-02-19 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://portal.msrc.microsoft.com/en-US/security-guidance/advis... | 2021-07-21 |
| URL | Date | SRC |
|---|