VYPR
Unrated severityNVD Advisory· Published Oct 16, 2020· Updated Aug 4, 2024

.NET Framework Information Disclosure Vulnerability

CVE-2020-16937

Description

An information disclosure vulnerability exists when the .NET Framework improperly handles objects in memory. An attacker who successfully exploited the vulnerability could disclose contents of an affected system's memory. To exploit the vulnerability, an authenticated attacker would need to run a specially crafted application. The update addresses the vulnerability by correcting how the .NET Framework handles objects in memory.

Affected products

10
  • Microsoft/Netv55 versions
    cpe:2.3:a:microsoft:.net:2.0:sp2:*:*:*:*:*:*+ 4 more
    • cpe:2.3:a:microsoft:.net:2.0:sp2:*:*:*:*:*:*range: 2.0.0
    • cpe:2.3:a:microsoft:.net:3.5:*:*:*:*:*:*:*range: 3.5.0
    • cpe:2.3:a:microsoft:.net:3.5.1:*:*:*:*:*:*:*range: 3.5.0
    • cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*range: 4.7.0
    • cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*range: 4.8.0
  • cpe:2.3:a:microsoft:.net_framework:*:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:a:microsoft:.net_framework:*:*:*:*:*:*:*:*range: 3.5.0
    • cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*range: 3.0.0.0
    • cpe:2.3:a:microsoft:.net_framework:4.5.2:*:*:*:*:*:*:*range: 4.0.0.0
    • cpe:2.3:a:microsoft:.net_framework:4.6:*:*:*:*:*:*:*range: 4.0.0.0
    • (no CPE)

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.