CVE Vulnerabilities

CVE-2020-1410

Published: Jul 14, 2020 | Modified: Sep 28, 2020
CVSS 3.x
7.8
HIGH
Source:
NVD
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS 2.x
9.3 HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

A remote code execution vulnerability exists when Windows Address Book (WAB) improperly processes vcard files.To exploit the vulnerability, an attacker could send a malicious vcard that a victim opens using Windows Address Book (WAB), aka Windows Address Book Remote Code Execution Vulnerability.

Affected Software

Name Vendor Start Version End Version
Windows_10 Microsoft - -
Windows_10 Microsoft - -
Windows_10 Microsoft 1607 1607
Windows_10 Microsoft 1607 1607
Windows_10 Microsoft 1709 1709
Windows_10 Microsoft 1709 1709
Windows_10 Microsoft 1709 1709
Windows_10 Microsoft 1803 1803
Windows_10 Microsoft 1803 1803
Windows_10 Microsoft 1803 1803
Windows_10 Microsoft 1809 1809
Windows_10 Microsoft 1809 1809
Windows_10 Microsoft 1809 1809
Windows_10 Microsoft 1903 1903
Windows_10 Microsoft 1903 1903
Windows_10 Microsoft 1903 1903
Windows_10 Microsoft 1909 1909
Windows_10 Microsoft 1909 1909
Windows_10 Microsoft 1909 1909
Windows_10 Microsoft 2004 2004
Windows_10 Microsoft 2004 2004
Windows_10 Microsoft 2004 2004
Windows_7 Microsoft - -
Windows_7 Microsoft - -
Windows_8.1 Microsoft - -
Windows_8.1 Microsoft - -
Windows_rt_8.1 Microsoft - -
Windows_server_2008 Microsoft - -
Windows_server_2008 Microsoft - -
Windows_server_2012 Microsoft - -
Windows_server_2012 Microsoft r2 r2
Windows_server_2016 Microsoft - -
Windows_server_2016 Microsoft 1903 1903
Windows_server_2016 Microsoft 1909 1909
Windows_server_2016 Microsoft 2004 2004
Windows_server_2019 Microsoft - -

References