5.5

CVE-2020-16937

<p>An information disclosure vulnerability exists when the .NET Framework improperly handles objects in memory. An attacker who successfully exploited the vulnerability could disclose contents of an affected system's memory.</p>
<p>To exploit the vulnerability, an authenticated attacker would need to run a specially crafted application.</p>
<p>The update addresses the vulnerability by correcting how the .NET Framework handles objects in memory.</p>

Data is provided by the National Vulnerability Database (NVD)
Microsoft.Net Framework Version2.0 Updatesp2
   MicrosoftWindows Server 2008 Version- Updatesp2
Microsoft.Net Framework Version3.5
   MicrosoftWindows 8.1 Version-
   MicrosoftWindows Server 2012 Version-
   MicrosoftWindows Server 2012 Versionr2
Microsoft.Net Framework Version3.5
   MicrosoftWindows 10 Version1607
   MicrosoftWindows Server 2016 Version-
Microsoft.Net Framework Version4.6.2
   MicrosoftWindows 10 Version1607
   MicrosoftWindows Server 2016 Version-
Microsoft.Net Framework Version4.7
   MicrosoftWindows 10 Version1607
   MicrosoftWindows Server 2016 Version-
Microsoft.Net Framework Version4.7.1
   MicrosoftWindows 10 Version1607
   MicrosoftWindows Server 2016 Version-
Microsoft.Net Framework Version4.7.2
   MicrosoftWindows 10 Version1607
   MicrosoftWindows Server 2016 Version-
Microsoft.Net Framework Version3.5
   MicrosoftWindows 10 Version-
Microsoft.Net Framework Version4.6
   MicrosoftWindows 10 Version-
Microsoft.Net Framework Version4.6.1
   MicrosoftWindows 10 Version-
Microsoft.Net Framework Version4.6.2
   MicrosoftWindows 10 Version-
Microsoft.Net Framework Version3.5
   MicrosoftWindows 10 Version1709
Microsoft.Net Framework Version4.7.1
   MicrosoftWindows 10 Version1709
Microsoft.Net Framework Version4.7.2
   MicrosoftWindows 10 Version1709
Microsoft.Net Framework Version3.5
   MicrosoftWindows 10 Version1803
   MicrosoftWindows 10 Version1809
   MicrosoftWindows Server 2019 Version-
Microsoft.Net Framework Version4.7.2
   MicrosoftWindows 10 Version1803
   MicrosoftWindows 10 Version1809
   MicrosoftWindows Server 2019 Version-
Microsoft.Net Framework Version3.5
   MicrosoftWindows 10 Version1809
   MicrosoftWindows 10 Version1903
   MicrosoftWindows 10 Version1909
   MicrosoftWindows 10 Version2004
   MicrosoftWindows Server 2016 Version1903
   MicrosoftWindows Server 2016 Version1909
   MicrosoftWindows Server 2016 Version2004
   MicrosoftWindows Server 2019 Version-
Microsoft.Net Framework Version4.8
   MicrosoftWindows 10 Version1809
   MicrosoftWindows 10 Version1903
   MicrosoftWindows 10 Version1909
   MicrosoftWindows 10 Version2004
   MicrosoftWindows Server 2016 Version1903
   MicrosoftWindows Server 2016 Version1909
   MicrosoftWindows Server 2016 Version2004
   MicrosoftWindows Server 2019 Version-
Microsoft.Net Framework Version3.5.1
   MicrosoftWindows 7 Version- Updatesp1
   MicrosoftWindows Server 2008 Versionr2 Updatesp1
Microsoft.Net Framework Version4.5.2
   MicrosoftWindows 7 Version- Updatesp1
   MicrosoftWindows 8.1 Version-
   MicrosoftWindows Rt 8.1 Version-
   MicrosoftWindows Server 2008 Version- Updatesp2
   MicrosoftWindows Server 2008 Versionr2 Updatesp1
   MicrosoftWindows Server 2012 Version-
   MicrosoftWindows Server 2012 Versionr2
Microsoft.Net Framework Version4.6
   MicrosoftWindows Server 2008 Version- Updatesp2
Microsoft.Net Framework Version4.6
   MicrosoftWindows 7 Version- Updatesp1
   MicrosoftWindows 8.1 Version-
   MicrosoftWindows Rt 8.1 Version-
   MicrosoftWindows Server 2008 Versionr2 Updatesp1
   MicrosoftWindows Server 2012 Version-
   MicrosoftWindows Server 2012 Versionr2
Microsoft.Net Framework Version4.6.1
   MicrosoftWindows 7 Version- Updatesp1
   MicrosoftWindows 8.1 Version-
   MicrosoftWindows Rt 8.1 Version-
   MicrosoftWindows Server 2008 Versionr2 Updatesp1
   MicrosoftWindows Server 2012 Version-
   MicrosoftWindows Server 2012 Versionr2
Microsoft.Net Framework Version4.6.2
   MicrosoftWindows 7 Version- Updatesp1
   MicrosoftWindows 8.1 Version-
   MicrosoftWindows Rt 8.1 Version-
   MicrosoftWindows Server 2008 Versionr2 Updatesp1
   MicrosoftWindows Server 2012 Version-
   MicrosoftWindows Server 2012 Versionr2
Microsoft.Net Framework Version4.7
   MicrosoftWindows 7 Version- Updatesp1
   MicrosoftWindows 8.1 Version-
   MicrosoftWindows Rt 8.1 Version-
   MicrosoftWindows Server 2008 Versionr2 Updatesp1
   MicrosoftWindows Server 2012 Version-
   MicrosoftWindows Server 2012 Versionr2
Microsoft.Net Framework Version4.7.1
   MicrosoftWindows 7 Version- Updatesp1
   MicrosoftWindows 8.1 Version-
   MicrosoftWindows Rt 8.1 Version-
   MicrosoftWindows Server 2008 Versionr2 Updatesp1
   MicrosoftWindows Server 2012 Version-
   MicrosoftWindows Server 2012 Versionr2
Microsoft.Net Framework Version4.7.2
   MicrosoftWindows 7 Version- Updatesp1
   MicrosoftWindows 8.1 Version-
   MicrosoftWindows Rt 8.1 Version-
   MicrosoftWindows Server 2008 Versionr2 Updatesp1
   MicrosoftWindows Server 2012 Version-
   MicrosoftWindows Server 2012 Versionr2
Microsoft.Net Framework Version4.8
   MicrosoftWindows 10 Version1607
   MicrosoftWindows 10 Version1709
   MicrosoftWindows 10 Version1803
   MicrosoftWindows 7 Version- Updatesp1
   MicrosoftWindows 8.1 Version-
   MicrosoftWindows Rt 8.1 Version-
   MicrosoftWindows Server 2008 Versionr2 Updatesp1
   MicrosoftWindows Server 2012 Version-
   MicrosoftWindows Server 2012 Versionr2
   MicrosoftWindows Server 2016 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 10.46% 0.93
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:P/I:N/A:N
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
secure@microsoft.com 4.7 1 3.6
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N