Unrated severityNVD Advisory· Published Oct 16, 2020· Updated Aug 4, 2024

.NET Framework Information Disclosure Vulnerability

CVE-2020-16937

Description

An information disclosure vulnerability exists when the .NET Framework improperly handles objects in memory. An attacker who successfully exploited the vulnerability could disclose contents of an affected system's memory. To exploit the vulnerability, an authenticated attacker would need to run a specially crafted application. The update addresses the vulnerability by correcting how the .NET Framework handles objects in memory.

Affected products

Microsoft/Netv55 versions
cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*range: 4.8.0
- cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*range: 4.7.0
- cpe:2.3:a:microsoft:.net:2.0:sp2:*:*:*:*:*:*range: 2.0.0
- cpe:2.3:a:microsoft:.net:3.5:*:*:*:*:*:*:*range: 3.5.0
- cpe:2.3:a:microsoft:.net:3.5.1:*:*:*:*:*:*:*range: 3.5.0
Microsoft/.net Frameworkv54 versions
cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*range: 3.0.0.0
- cpe:2.3:a:microsoft:.net_framework:*:*:*:*:*:*:*:*range: 3.5.0
- cpe:2.3:a:microsoft:.net_framework:4.6:*:*:*:*:*:*:*range: 4.0.0.0
- cpe:2.3:a:microsoft:.net_framework:4.5.2:*:*:*:*:*:*:*range: 4.0.0.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16937mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.007
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000