CVE-2020-1342
CVE-2020-1342
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 6.4%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
14 Jul 2020Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka 'Microsoft Office Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1445.
Affected products
Microsoft · Microsoft 365 Apps for Enterprise for 32-bit SystemsMicrosoft · Microsoft 365 Apps for Enterprise for 64-bit SystemsMicrosoft · Microsoft OfficeMicrosoft · Microsoft Office Online ServerMicrosoft · Microsoft Office Web AppsMicrosoft · Microsoft SharePoint Enterprise ServerMicrosoft · Microsoft SharePoint ServerMicrosoft · Microsoft Word