CVE-2020-16937
4.7
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Summary
<p>An information disclosure vulnerability exists when the .NET Framework improperly handles objects in memory. An attacker who successfully exploited the vulnerability could disclose contents of an affected system's memory.</p> <p>To exploit the vulnerability, an authenticated attacker would need to run a specially crafted application.</p> <p>The update addresses the vulnerability by correcting how the .NET Framework handles objects in memory.</p>
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Microsoft | Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 | 4.0.0.0 < publication | affected |
| Microsoft | Microsoft .NET Framework 4.8 | 4.8.0 < publication | affected |
| Microsoft | Microsoft .NET Framework 3.5 AND 4.8 | 4.8.0 < publication | affected |
| Microsoft | Microsoft .NET Framework 3.5 AND 4.7.2 | 4.7.0 < publication | affected |
| Microsoft | Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 | 3.0.0.0 < publication | affected |
| Microsoft | Microsoft .NET Framework 3.5 AND 4.7.1/4.7.2 | 3.0 < publication | affected |
| Microsoft | Microsoft .NET Framework 3.5 AND 4.6/4.6.1/4.6.2 | 3.5.0 < publication | affected |
| Microsoft | Microsoft .NET Framework 4.6 | 4.0.0.0 < publication | affected |
| Microsoft | Microsoft .NET Framework 2.0 Service Pack 2 | 2.0.0 < publication | affected |
| Microsoft | Microsoft .NET Framework 3.5 | 3.5.0 < publication | affected |
| Microsoft | Microsoft .NET Framework 3.5.1 | 3.5.0 < publication | affected |
| Microsoft | Microsoft .NET Framework 4.5.2 | 4.0.0.0 < publication | affected |
Weaknesses
- Information Disclosure
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.