VYPR
← All advisories
Unrated severityNVD Advisory· Published Sep 11, 2020· Updated Aug 4, 2024

Windows Media Audio Decoder Remote Code Execution Vulnerability

CVE-2020-1508

Description

<p>A remote code execution vulnerability exists when Windows Media Audio Decoder improperly handles objects. An attacker who successfully exploited the vulnerability could take control of an affected system.</p> <p>There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit a malicious webpage.</p> <p>The security update addresses the vulnerability by correcting how Windows Media Audio Decoder handles objects.</p>

Affected products

13
  • Microsoft/Windows 10 1507v5
    cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*
    Range: 10.0.0
  • Microsoft/Windows 10 1607v5
    cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*
    Range: 10.0.0
  • Microsoft/Windows 10v52 versions
    cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*range: 10.0.0
    • cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*range: 10.0.0
  • Microsoft/Windows 10 1809v52 versions
    cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*+ 1 more
    • cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*range: 10.0.0
    • cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*range: 10.0.0
  • Microsoft/Windows 10 1909v5
    cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x86:*
    Range: 10.0.0
  • Microsoft/Windows 7v52 versions
    cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:x64:*+ 1 more
    • cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:x64:*range: 6.1.0
    • cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:x86:*range: 6.1.0
  • Microsoft/Windows 8.1v5
    cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:x86:*
    Range: 6.3.0
  • Microsoft/Windows Server 2012v5
    cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*
    Range: 6.2.0
  • Microsoft/Windows Server 2016v5
    cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
    Range: 10.0.0
  • Microsoft/Windows Server 2019v5
    cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
    Range: 10.0.0

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

News mentions

0

No linked articles in our index yet.