Vulnerability Details CVE-2020-1119
<p>An information disclosure vulnerability exists when StartTileData.dll improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.</p>
<p>To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.</p>
<p>The update addresses the vulnerability by correcting the way in which StartTileData.dll handles objects in memory.</p>
Exploit prediction scoring system (EPSS) score
EPSS Score 0.011
EPSS Ranking 76.9%
CVSS Severity
CVSS v3 Score 5.5
CVSS v2 Score 2.1
References
Products affected by CVE-2020-1119
-
cpe:2.3:o:microsoft:windows_10:1903
-
cpe:2.3:o:microsoft:windows_10:1909
-
cpe:2.3:o:microsoft:windows_10:2004
-
cpe:2.3:o:microsoft:windows_server_2016:1903
-
cpe:2.3:o:microsoft:windows_server_2016:1909
-
cpe:2.3:o:microsoft:windows_server_2016:2004