CVE-2020-0714
An information disclosure vulnerability exists when DirectX improperly handles objects in memory, aka ‘DirectX Information Disclosure Vulnerability’.
Source: CVE-2020-0714
[월:] 2020년 02월
CVE-2020-0693
CVE-2020-0693
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka ‘Microsoft Office SharePoint XSS Vulnerability’. This CVE ID is unique from CVE-2020-0694.
Source: CVE-2020-0693
CVE-2020-0694
CVE-2020-0694
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka ‘Microsoft Office SharePoint XSS Vulnerability’. This CVE ID is unique from CVE-2020-0693.
Source: CVE-2020-0694
CVE-2020-0695
CVE-2020-0695
A spoofing vulnerability exists when Office Online Server does not validate origin in cross-origin communications correctly, aka ‘Microsoft Office Online Server Spoofing Vulnerability’.
Source: CVE-2020-0695
CVE-2020-0696
CVE-2020-0696
A security feature bypass vulnerability exists in Microsoft Outlook software when it improperly handles the parsing of URI formats, aka ‘Microsoft Outlook Security Feature Bypass Vulnerability’.
Source: CVE-2020-0696
CVE-2020-0697
CVE-2020-0697
An elevation of privilege vulnerability exists in Microsoft Office OLicenseHeartbeat task, where an attacker who successfully exploited this vulnerability could run this task as SYSTEM.To exploit the vulnerability, an authenticated attacker would need to place a specially crafted file in a specific location, thereby allowing arbitrary file corruption.The security update addresses the vulnerability by correcting how the process validates the log file., aka ‘Microsoft Office Tampering Vulnerability’.
Source: CVE-2020-0697
CVE-2020-0698
CVE-2020-0698
An information disclosure vulnerability exists when the Telephony Service improperly discloses the contents of its memory, aka ‘Windows Information Disclosure Vulnerability’.
Source: CVE-2020-0698
CVE-2020-0691
CVE-2020-0691
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka ‘Win32k Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2020-0719, CVE-2020-0720, CVE-2020-0721, CVE-2020-0722, CVE-2020-0723, CVE-2020-0724, CVE-2020-0725, CVE-2020-0726, CVE-2020-0731.
Source: CVE-2020-0691
CVE-2020-0692
CVE-2020-0692
An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka ‘Microsoft Exchange Server Elevation of Privilege Vulnerability’.
Source: CVE-2020-0692
CVE-2020-0686
CVE-2020-0686
An elevation of privilege vulnerability exists in the Windows Installer when MSI packages process symbolic links, aka ‘Windows Installer Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2020-0683.
Source: CVE-2020-0686