CVE-2020-0938

CVE Published 2020-04-15
Related CWE(s) CWE-787: Out-of-bounds Write
Related Vendor(s) microsoft
Related Product(s) windows_8.1, windows_server_2008, windows_10, windows_server_2012, windows_server_2019, windows_server_2016, windows_7, windows_rt_8.1
Exploitation Reported (CISA KEV) 2021-11-03
CVSS 3 Base Score 7.8 (HIGH)
CVSS 3 Attack Complexity LOW
CVSS 3 Attack Vector LOCAL

A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript format.For all systems except Windows 10, an attacker who successfully exploited the vulnerability could execute code remotely, aka 'Adobe Font Manager Library Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1020.

Cyber Threat Graph Context

Explore how this CVE relates to the wider threat graph

References