CVE-2020-1400

high

Description

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1401, CVE-2020-1407.

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1400

https://www.zerodayinitiative.com/advisories/ZDI-20-924/

Details

Source: MITRE

Published: 2020-07-14

Updated: 2022-04-27

Type: CWE-191

Risk Information

CVSS v2

Base Score: 9.3

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 8.6

Severity: HIGH

CVSS v3

Base Score: 7.8

Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 1.8

Severity: HIGH