{
    "containers": {
        "cna": {
            "title": "Microsoft Word Information Disclosure Vulnerability",
            "datePublic": "2020-08-11T07:00:00+00:00",
            "affected": [
                {
                    "vendor": "Microsoft",
                    "product": "Microsoft SharePoint Enterprise Server 2016",
                    "cpes": [
                        "cpe:2.3:a:microsoft:sharepoint_server:2016:*:*:*:enterprise:*:*:*"
                    ],
                    "platforms": [
                        "x64-based Systems"
                    ],
                    "versions": [
                        {
                            "version": "16.0.0",
                            "lessThan": "publication",
                            "versionType": "custom",
                            "status": "affected"
                        }
                    ]
                },
                {
                    "vendor": "Microsoft",
                    "product": "Microsoft SharePoint Enterprise Server 2013 Service Pack 1",
                    "cpes": [
                        "cpe:2.3:a:microsoft:sharepoint_server:2013:sp1:*:*:enterprise:*:*:*"
                    ],
                    "platforms": [
                        "x64-based Systems"
                    ],
                    "versions": [
                        {
                            "version": "15.0.0",
                            "lessThan": "publication",
                            "versionType": "custom",
                            "status": "affected"
                        }
                    ]
                },
                {
                    "vendor": "Microsoft",
                    "product": "Microsoft SharePoint Server 2019",
                    "cpes": [
                        "cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:*"
                    ],
                    "platforms": [
                        "x64-based Systems"
                    ],
                    "versions": [
                        {
                            "version": "16.0.0",
                            "lessThan": "publication",
                            "versionType": "custom",
                            "status": "affected"
                        }
                    ]
                },
                {
                    "vendor": "Microsoft",
                    "product": "Microsoft Office 2019",
                    "cpes": [
                        "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*"
                    ],
                    "platforms": [
                        "32-bit Systems",
                        "x64-based Systems"
                    ],
                    "versions": [
                        {
                            "version": "19.0.0",
                            "lessThan": "https://aka.ms/OfficeSecurityReleases",
                            "versionType": "custom",
                            "status": "affected"
                        }
                    ]
                },
                {
                    "vendor": "Microsoft",
                    "product": "Microsoft Office 2019 for Mac",
                    "cpes": [
                        "cpe:2.3:a:microsoft:office:2019:*:*:*:*:macos:*:*"
                    ],
                    "platforms": [
                        "Unknown"
                    ],
                    "versions": [
                        {
                            "version": "16.0.0",
                            "lessThan": "publication",
                            "versionType": "custom",
                            "status": "affected"
                        }
                    ]
                },
                {
                    "vendor": "Microsoft",
                    "product": "Microsoft Office Online Server",
                    "cpes": [
                        "cpe:2.3:a:microsoft:office_online_server:-:*:*:*:*:*:*:*"
                    ],
                    "platforms": [
                        "Unknown"
                    ],
                    "versions": [
                        {
                            "version": "16.0.1",
                            "lessThan": "publication",
                            "versionType": "custom",
                            "status": "affected"
                        }
                    ]
                },
                {
                    "vendor": "Microsoft",
                    "product": "Microsoft 365 Apps for Enterprise",
                    "cpes": [
                        "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*"
                    ],
                    "platforms": [
                        "32-bit Systems",
                        "x64-based Systems"
                    ],
                    "versions": [
                        {
                            "version": "16.0.1",
                            "lessThan": "https://aka.ms/OfficeSecurityReleases",
                            "versionType": "custom",
                            "status": "affected"
                        }
                    ]
                },
                {
                    "vendor": "Microsoft",
                    "product": "Microsoft Word 2016",
                    "cpes": [
                        "cpe:2.3:a:microsoft:word:2016:*:*:*:*:*:*:*"
                    ],
                    "platforms": [
                        "32-bit Systems",
                        "x64-based Systems"
                    ],
                    "versions": [
                        {
                            "version": "16.0.1",
                            "lessThan": "publication",
                            "versionType": "custom",
                            "status": "affected"
                        }
                    ]
                },
                {
                    "vendor": "Microsoft",
                    "product": "Microsoft Office 2016 for Mac",
                    "cpes": [
                        "cpe:2.3:a:microsoft:office:2016:*:*:*:*:mac_os:*:*"
                    ],
                    "platforms": [
                        "Unknown"
                    ],
                    "versions": [
                        {
                            "version": "16.0.0",
                            "lessThan": "publication",
                            "versionType": "custom",
                            "status": "affected"
                        }
                    ]
                },
                {
                    "vendor": "Microsoft",
                    "product": "Microsoft Office 2010 Service Pack 2",
                    "cpes": [
                        "cpe:2.3:a:microsoft:excel:2010:sp2:*:*:*:*:*:*"
                    ],
                    "platforms": [
                        "32-bit Systems",
                        "x64-based Systems"
                    ],
                    "versions": [
                        {
                            "version": "13.0.0.0",
                            "lessThan": "publication",
                            "versionType": "custom",
                            "status": "affected"
                        }
                    ]
                },
                {
                    "vendor": "Microsoft",
                    "product": "Microsoft Office Web Apps 2010 Service Pack 2",
                    "cpes": [
                        "cpe:2.3:a:microsoft:office_web_apps:2010:sp2:*:*:*:*:*:*"
                    ],
                    "platforms": [
                        "Unknown"
                    ],
                    "versions": [
                        {
                            "version": "13.0.0",
                            "lessThan": "publication",
                            "versionType": "custom",
                            "status": "affected"
                        }
                    ]
                },
                {
                    "vendor": "Microsoft",
                    "product": "Microsoft Office Web Apps 2013 Service Pack 1",
                    "cpes": [
                        "cpe:2.3:a:microsoft:office_web_apps:2013:sp1:*:*:*:*:*:*"
                    ],
                    "platforms": [
                        "Unknown"
                    ],
                    "versions": [
                        {
                            "version": "15.0.0.0",
                            "lessThan": "publication",
                            "versionType": "custom",
                            "status": "affected"
                        }
                    ]
                },
                {
                    "vendor": "Microsoft",
                    "product": "Microsoft SharePoint Server 2010 Service Pack 2",
                    "cpes": [
                        "cpe:2.3:a:microsoft:sharepoint_server:2010:sp2:*:*:*:*:*:*"
                    ],
                    "platforms": [
                        "Unknown"
                    ],
                    "versions": [
                        {
                            "version": "13.0.0.0",
                            "lessThan": "publication",
                            "versionType": "custom",
                            "status": "affected"
                        }
                    ]
                },
                {
                    "vendor": "Microsoft",
                    "product": "Microsoft Word 2010 Service Pack 2",
                    "cpes": [
                        "cpe:2.3:a:microsoft:word:2010:sp2:*:*:*:*:*:*"
                    ],
                    "platforms": [
                        "32-bit Systems",
                        "x64-based Systems"
                    ],
                    "versions": [
                        {
                            "version": "13.0.0.0",
                            "lessThan": "publication",
                            "versionType": "custom",
                            "status": "affected"
                        }
                    ]
                },
                {
                    "vendor": "Microsoft",
                    "product": "Microsoft Word 2013 Service Pack 1",
                    "cpes": [
                        "cpe:2.3:a:microsoft:word:2013:sp1:*:*:*:*:*:*"
                    ],
                    "platforms": [
                        "ARM64-based Systems",
                        "32-bit Systems"
                    ],
                    "versions": [
                        {
                            "version": "15.0.1",
                            "lessThan": "publication",
                            "versionType": "custom",
                            "status": "affected"
                        }
                    ]
                },
                {
                    "vendor": "Microsoft",
                    "product": "Microsoft Word 2013 Service Pack 1 ",
                    "cpes": [
                        "cpe:2.3:a:microsoft:word:2013:sp1:*:*:*:*:*:*"
                    ],
                    "platforms": [
                        "x64-based Systems"
                    ],
                    "versions": [
                        {
                            "version": "15.0.1",
                            "lessThan": "publication",
                            "versionType": "custom",
                            "status": "affected"
                        }
                    ]
                }
            ],
            "descriptions": [
                {
                    "value": "An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user’s computer or data.\nTo exploit the vulnerability, an attacker could craft a special document file and then convince the user to open it. An attacker must know the memory address location where the object was created.\nThe update addresses the vulnerability by changing the way certain Word functions handle objects in memory.\n",
                    "lang": "en-US"
                }
            ],
            "problemTypes": [
                {
                    "descriptions": [
                        {
                            "description": "Remote Code Execution",
                            "lang": "en-US",
                            "type": "Impact"
                        }
                    ]
                }
            ],
            "providerMetadata": {
                "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
                "shortName": "microsoft",
                "dateUpdated": "2024-05-29T16:33:04.458Z"
            },
            "references": [
                {
                    "tags": [
                        "x_refsource_MISC"
                    ],
                    "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1503"
                }
            ]
        },
        "adp": [
            {
                "providerMetadata": {
                    "orgId": "af854a3a-2127-422b-91ae-364da2661108",
                    "shortName": "CVE",
                    "dateUpdated": "2024-08-04T06:39:10.374Z"
                },
                "title": "CVE Program Container",
                "references": [
                    {
                        "tags": [
                            "x_refsource_MISC",
                            "x_transferred"
                        ],
                        "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1503"
                    }
                ]
            }
        ]
    },
    "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2020-1503",
        "datePublished": "2020-08-17T19:13:18",
        "dateReserved": "2019-11-04T00:00:00",
        "dateUpdated": "2024-08-04T06:39:10.374Z",
        "state": "PUBLISHED"
    },
    "dataType": "CVE_RECORD",
    "dataVersion": "5.1"
}