{"containers":{"cna":{"title":"WinINet API Elevation of Privilege Vulnerability","datePublic":"2020-09-08T07:00:00.000Z","affected":[{"vendor":"Microsoft","product":"Internet Explorer 11","cpes":["cpe:2.3:a:microsoft:internet_explorer:11:-:*:*:*:*:*:*"],"platforms":["Windows 10 Version 2004 for 32-bit Systems","Windows 10 Version 2004 for ARM64-based Systems","Windows 10 Version 2004 for x64-based Systems","Windows 10 Version 1803 for 32-bit Systems","Windows 10 Version 1803 for x64-based Systems","Windows 10 Version 1803 for ARM64-based Systems","Windows 10 Version 1809 for 32-bit Systems","Windows 10 Version 1809 for x64-based Systems","Windows 10 Version 1809 for ARM64-based Systems","Windows Server 2019","Windows 10 Version 1909 for 32-bit Systems","Windows 10 Version 1909 for x64-based Systems","Windows 10 Version 1909 for ARM64-based Systems","Windows 10 Version 1709 for 32-bit Systems","Windows 10 Version 1709 for x64-based Systems","Windows 10 Version 1709 for ARM64-based Systems","Windows 10 Version 1903 for 32-bit Systems","Windows 10 Version 1903 for x64-based Systems","Windows 10 Version 1903 for ARM64-based Systems","Windows 10 for 32-bit Systems","Windows 10 for x64-based Systems","Windows 10 Version 1607 for 32-bit Systems","Windows 10 Version 1607 for x64-based Systems","Windows Server 2016","Windows 7 for 32-bit Systems Service Pack 1","Windows 7 for x64-based Systems Service Pack 1","Windows 8.1 for 32-bit systems","Windows 8.1 for x64-based systems","Windows RT 8.1","Windows Server 2008 R2 for x64-based Systems Service Pack 1","Windows Server 2012","Windows Server 2012 R2"],"versions":[{"version":"1.0.0","lessThan":"publication","versionType":"custom","status":"affected"}]}],"descriptions":[{"value":"<p>An elevation of privilege vulnerability exists in the way that the Wininit.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.</p>\n<p>There are multiple ways an attacker could exploit the vulnerability:</p>\n<ul>\n<li><p>In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit this vulnerability and then convince a user to view the website. An attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by getting them to click a link in an email message or in an Instant Messenger message that takes users to the attacker's website, or by opening an attachment sent through email.</p>\n</li>\n<li><p>In a file sharing attack scenario, an attacker could provide a specially crafted document file that is designed to exploit this vulnerability, and then convince a user to open the document file.</p>\n</li>\n</ul>\n<p>The security update addresses the vulnerability by ensuring the Wininit.dll properly handles objects in memory.</p>","lang":"en-US"}],"problemTypes":[{"descriptions":[{"description":"Elevation of Privilege","lang":"en-US","type":"Impact"}]}],"providerMetadata":{"orgId":"f38d906d-7342-40ea-92c1-6c4a2c6478c8","shortName":"microsoft","dateUpdated":"2023-12-31T21:34:32.799Z"},"references":[{"tags":["x_refsource_MISC"],"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1012"}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en-US","value":"GENERAL"}],"cvssV3_1":{"version":"3.1","baseSeverity":"HIGH","baseScore":8.8,"vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C"}}]},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T06:24:59.552Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_MISC","x_transferred"],"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1012"}]}]},"cveMetadata":{"assignerOrgId":"f38d906d-7342-40ea-92c1-6c4a2c6478c8","assignerShortName":"microsoft","cveId":"CVE-2020-1012","datePublished":"2020-09-11T17:08:50.000Z","dateReserved":"2019-11-04T00:00:00.000Z","dateUpdated":"2024-08-04T06:24:59.552Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}