CVE-2020-1458

High

A remote code execution vulnerability exists when Microsoft Office improperly validates input before loading dynamic link library (DLL)…

microsoft·CWE-426·Published 2020-07-14

CVSS

7.8

EPSS

0.11

KEV

Exploits

cve.orgen

202 chars

A remote code execution vulnerability exists when Microsoft Office improperly validates input before loading dynamic link library (DLL) files, aka 'Microsoft Office Remote Code Execution Vulnerability'.

NVDen

202 chars

NVDes

253 chars

Se presenta una vulnerabilidad de ejecución de código remota cuando Microsoft Office comprueba inapropiadamente la entrada antes de cargar archivos dynamic link library (DLL), también se conoce como "Microsoft Office Remote Code Execution Vulnerability"

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	9.3	8.6	10.0	AV:N/AC:M/Au:N/C:C/I:C/A:C
3.1	Primary	NVD	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H