Description

An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka 'Microsoft Office Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1445.

Remediation

References

CVE-2020-1342

Related Vulnerabilities

Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-20102)

Spring Cloud Gateway Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression La Vulnerability (CVE-2022-22947)

WordPress Plugin Elementor Addon Elements Multiple Cross-Site Scripting Vulnerabilities (1.11.1)

Ruby on Rails 7PK - Security Features Vulnerability (CVE-2015-7576)

Drupal Core 9.2.x Security Bypass (9.2.0 - 9.2.15)

Severity

Medium

Classification

CVE-2020-1342 CWE-125 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities