An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.
There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.
The security update addresses the vulnerability by correcting how DirectWrite handles objects in memory.
Metrics
Affected Vendors & Products
References
History
Tue, 01 Oct 2024 16:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: microsoft
Published: 2020-08-17T19:13:48
Updated: 2024-10-01T15:57:36.126Z
Reserved: 2019-11-04T00:00:00
Link: CVE-2020-1577
Vulnrichment
Updated: 2024-08-04T06:39:10.621Z
NVD
Status : Modified
Published: 2020-08-17T19:15:21.163
Modified: 2024-11-21T05:10:52.923
Link: CVE-2020-1577
Redhat
No data.