High severity7.8NVD Advisory· Published Oct 16, 2020· Updated Jun 17, 2026
CVE-2020-16915
CVE-2020-16915
Description
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit a malicious webpage. The security update addresses the vulnerability by correcting how Windows Media Foundation handles objects in memory.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*range: 10.0.0
- cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*range: 10.0.0
- cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x86:*range: 10.0.0
cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*+ 1 more
- cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*range: 10.0.0
- cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*range: 10.0.0
Patches
Vulnerability mechanics
References
2- portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16915nvdPatchVendor Advisory
- www.zerodayinitiative.com/advisories/ZDI-20-1257/nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.