A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript format.For all systems except Windows 10, an attacker who successfully exploited the vulnerability could execute code remotely, aka 'Adobe Font Manager Library Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1020.
References
Link | Resource |
---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0938 | Patch Vendor Advisory |
http://packetstormsecurity.com/files/161299/Apple-CoreText-libFontParser.dylib-Stack-Corruption.html | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
|
Information
Published : 2020-04-15 08:15
Updated : 2021-07-21 04:39
NVD link : CVE-2020-0938
Mitre link : CVE-2020-0938
JSON object : View
CWE
CWE-787
Out-of-bounds Write
Products Affected
microsoft
- windows_7
- windows_server_2016
- windows_rt_8.1
- windows_server_2019
- windows_8.1
- windows_10
- windows_server_2008
- windows_server_2012