Sign-up

ID

VAR-202003-0350


CVE

CVE-2020-0504


TITLE

Intel(R) Graphics Driver Classic buffer overflow vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2020-003086

DESCRIPTION

Buffer overflow in Intel(R) Graphics Drivers before versions 15.40.44.5107, 15.45.30.5103, and 26.20.100.7158 may allow an authenticated user to potentially enable escalation of privilege and denial of service via local access. (DoS) It may be put into a state. Intel Graphics Drivers is an integrated graphics driver from Intel Corporation. A buffer error vulnerability exists in Intel Graphics Drivers prior to 15.40.44.5107, 15.45.30.5103 and 26.20.100.7158. A local attacker could exploit this vulnerability to cause a denial of service

Trust: 1.71

sources: NVD: CVE-2020-0504 // JVNDB: JVNDB-2020-003086 // VULHUB: VHN-161938

AFFECTED PRODUCTS

vendor:intelmodel:graphics driverscope:gteversion:15.45

Trust: 1.0

vendor:intelmodel:graphics driverscope:ltversion:15.45.30.5103

Trust: 1.0

vendor:intelmodel:graphics driverscope:gteversion:15.40

Trust: 1.0

vendor:intelmodel:graphics driverscope:ltversion:15.40.44.5107

Trust: 1.0

vendor:intelmodel:graphics driverscope:ltversion:26.20.100.7158

Trust: 1.0

vendor:intelmodel:graphics driverscope:gteversion:26.20

Trust: 1.0

vendor:intelmodel:graphics driverscope:eqversion:15.40.44.5107

Trust: 0.8

vendor:intelmodel:graphics driverscope:eqversion:15.45.30.5103

Trust: 0.8

vendor:intelmodel:graphics driverscope:eqversion:26.20.100.7158

Trust: 0.8

sources: JVNDB: JVNDB-2020-003086 // NVD: CVE-2020-0504

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-0504
value: HIGH

Trust: 1.0

NVD: JVNDB-2020-003086
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202003-566
value: HIGH

Trust: 0.6

VULHUB: VHN-161938
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2020-0504
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

NVD: JVNDB-2020-003086
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-161938
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2020-0504
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: JVNDB-2020-003086
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-161938 // JVNDB: JVNDB-2020-003086 // CNNVD: CNNVD-202003-566 // NVD: CVE-2020-0504

PROBLEMTYPE DATA

problemtype:CWE-120

Trust: 1.9

sources: VULHUB: VHN-161938 // JVNDB: JVNDB-2020-003086 // NVD: CVE-2020-0504

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202003-566

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202003-566

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2020-003086

PATCH
title:INTEL-SA-00315url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00315.html
Trust: 0.8
title:Intel Graphics Drivers Buffer error vulnerability fixurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=111512
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2020-003086 // 
            
            
            
            CNNVD: CNNVD-202003-566

EXTERNAL IDS
db:NVDid:CVE-2020-0504
Trust: 2.5
db:JVNid:JVNVU94445466
Trust: 0.8
db:JVNDBid:JVNDB-2020-003086
Trust: 0.8
db:CNNVDid:CNNVD-202003-566
Trust: 0.7
db:LENOVOid:LEN-30555
Trust: 0.6
db:AUSCERTid:ESB-2020.0871
Trust: 0.6
db:CNVDid:CNVD-2020-16726
Trust: 0.1
db:VULHUBid:VHN-161938
Trust: 0.1
sources:
            
            
            VULHUB: VHN-161938 // 
            
            
            
            JVNDB: JVNDB-2020-003086 // 
            
            
            
            CNNVD: CNNVD-202003-566 // 
            
            
            
            NVD: CVE-2020-0504

REFERENCES
url:https://security.netapp.com/advisory/ntap-20200320-0003/
Trust: 1.7
url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00315.html
Trust: 1.7
url:https://nvd.nist.gov/vuln/detail/cve-2020-0504
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-0504
Trust: 0.8
url:http://jvn.jp/vu/jvnvu94445466/index.html
Trust: 0.8
url:https://www.auscert.org.au/bulletins/esb-2020.0871/
Trust: 0.6
url:https://support.lenovo.com/us/en/product_security/len-30555
Trust: 0.6
sources:
            
            
            VULHUB: VHN-161938 // 
            
            
            
            JVNDB: JVNDB-2020-003086 // 
            
            
            
            CNNVD: CNNVD-202003-566 // 
            
            
            
            NVD: CVE-2020-0504

SOURCES
db:VULHUBid:VHN-161938
db:JVNDBid:JVNDB-2020-003086
db:CNNVDid:CNNVD-202003-566
db:NVDid:CVE-2020-0504

LAST UPDATE DATE
2024-11-23T20:51:05.921000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-161938date:2021-05-19T00:00:00
db:JVNDBid:JVNDB-2020-003086date:2020-04-03T00:00:00
db:CNNVDid:CNNVD-202003-566date:2021-05-24T00:00:00
db:NVDid:CVE-2020-0504date:2024-11-21T04:53:37.950

SOURCES RELEASE DATE
db:VULHUBid:VHN-161938date:2020-03-12T00:00:00
db:JVNDBid:JVNDB-2020-003086date:2020-04-03T00:00:00
db:CNNVDid:CNNVD-202003-566date:2020-03-10T00:00:00
db:NVDid:CVE-2020-0504date:2020-03-12T18:15:12.023