{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-23T22:03:53.202","vulnerabilities":[{"cve":{"id":"CVE-2020-1436","sourceIdentifier":"secure@microsoft.com","published":"2020-07-14T23:15:19.137","lastModified":"2024-11-21T05:10:32.780","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted fonts.For all systems except Windows 10, an attacker who successfully exploited the vulnerability could execute code remotely, aka 'Windows Font Library Remote Code Execution Vulnerability'."},{"lang":"es","value":"Se presenta una vulnerabilidad de ejecución de código remota cuando Windows Font Library maneja inapropiadamente fuentes especialmente diseñadas. Para todos los sistemas, excepto Windows 10, un atacante que haya explotado con éxito la vulnerabilidad podría ejecutar código remotamente, también se conoce como \"Windows Font Library Remote Code Execution Vulnerability\""}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*","matchCriteriaId":"21540673-614A-4D40-8BD7-3F07723803B0"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*","matchCriteriaId":"E01A4CCA-4C43-46E0-90E6-3E4DBFBACD64"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*","matchCriteriaId":"83B14968-3985-43C3-ACE5-8307196EFAE3"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*","matchCriteriaId":"7CB85C75-4D35-480E-843D-60579EC75FCB"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*","matchCriteriaId":"6B8F3DD2-A145-4AF1-8545-CC42892DA3D1"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*","matchCriteriaId":"3FB5CDAE-C713-4D9D-9D6A-2C2E8924A4BB"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*","matchCriteriaId":"E9273B95-20ED-4547-B0A8-95AD15B30372"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*","matchCriteriaId":"AAE74AF3-C559-4645-A6C0-25C3D647AAC8"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*","matchCriteriaId":"C2B1C231-DE19-4B8F-A4AA-5B3A65276E46"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*","matchCriteriaId":"E93068DB-549B-45AB-8E5C-00EB5D8B5CF8"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*","matchCriteriaId":"C6CE5198-C498-4672-AF4C-77AB4BE06C5C"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*","matchCriteriaId":"5F422A8C-2C4E-42C8-B420-E0728037E15C"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*","matchCriteriaId":"2ACA9287-B475-4AF7-A4DA-A7143CEF9E57"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*","matchCriteriaId":"A7DF96F8-BA6A-4780-9CA3-F719B3F81074"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*","matchCriteriaId":"DB18C4CE-5917-401E-ACF7-2747084FD36E"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*","matchCriteriaId":"041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*","matchCriteriaId":"5B921FDB-8E7D-427E-82BE-4432585080CF"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*","matchCriteriaId":"C253A63F-03AB-41CB-A03A-B2674DEA98AA"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*","matchCriteriaId":"0B60D940-80C7-49F0-8F4E-3F99AC15FA82"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*","matchCriteriaId":"DB79EE26-FC32-417D-A49C-A1A63165A968"}]}]}],"references":[{"url":"http://www.openwall.com/lists/oss-security/2020/08/25/3","source":"secure@microsoft.com","tags":["Mailing List","Third Party Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2020/08/25/5","source":"secure@microsoft.com","tags":["Mailing List","Third Party Advisory"]},{"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1436","source":"secure@microsoft.com","tags":["Patch","Vendor Advisory"]},{"url":"https://www.zerodayinitiative.com/advisories/ZDI-20-877/","source":"secure@microsoft.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.openwall.com/lists/oss-security/2020/08/25/3","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2020/08/25/5","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1436","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"https://www.zerodayinitiative.com/advisories/ZDI-20-877/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]}]}}]}