Oct 2020: .NET Framework Information Disclosure Vulnerability
CVE-2020-16937 Published on October 16, 2020
.NET Framework Information Disclosure Vulnerability
<p>An information disclosure vulnerability exists when the .NET Framework improperly handles objects in memory. An attacker who successfully exploited the vulnerability could disclose contents of an affected system's memory.</p>
<p>To exploit the vulnerability, an authenticated attacker would need to run a specially crafted application.</p>
<p>The update addresses the vulnerability by correcting how the .NET Framework handles objects in memory.</p>
Products Associated with CVE-2020-16937
stack.watch emails you whenever new vulnerabilities are published in Microsoft .NET Framework or Microsoft Net. Just hit a watch button to start following.
Affected Versions
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2:- Version 4.0.0.0 and below publication is affected.
- Version 4.8.0 and below publication is affected.
- Version 4.8.0 and below publication is affected.
- Version 4.7.0 and below publication is affected.
- Version 3.0.0.0 and below publication is affected.
- Version 3.0 and below publication is affected.
- Version 3.5.0 and below publication is affected.
- Version 4.0.0.0 and below publication is affected.
- Version 2.0.0 and below publication is affected.
- Version 3.5.0 and below publication is affected.
- Version 3.5.0 and below publication is affected.
- Version 4.0.0.0 and below publication is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.