CVE-2020-1240
Description
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'.
References
PatchVendor Advisory
CvssV3 impact
BaseSeverity | HIGH |
ConfidentialityImpact | HIGH |
AttackComplexity | LOW |
Scope | UNCHANGED |
AttackVector | NETWORK |
AvailabilityImpact | HIGH |
IntegrityImpact | HIGH |
PrivilegesRequired | NONE |
BaseScore | 8.8 |
VectorString | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Version | 3.1 |
UserInteraction | REQUIRED |
CvssV2 impact
AccessComplexity | MEDIUM |
ConfidentialityImpact | COMPLETE |
AvailabilityImpact | COMPLETE |
IntegrityImpact | COMPLETE |
BaseScore | 9.300000190734863 |
VectorString | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Version | 2.0 |
AccessVector | NETWORK |
Authentication | NONE |