CVE-2020-1342

An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka 'Microsoft Office Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1445.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.5 MEDIUM
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
microsoftCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 94%
VendorProductVersion
microsoft365_apps
-
microsoftoffice_online_server
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1342
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1342