| ID: CISEC:6767 |
Title: Windows User Profile Service Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6767 CVE-2019-1454 |
Severity: Low |
| Description: An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and delete files or folders of their choosing. The security update addresses the vulnerability by correcting how the Windows User Profile Service handles symlinks. | ||||
| Applies to: |
Created: 2019-12-20 |
Updated: 2024-09-07 |
||
| ID: CISEC:6770 |
Title: Windows UPnP Service Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6770 CVE-2019-1405 |
Severity: High |
| Description: An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly allows COM object creation. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted script or application. The update addresses the vulnerability by correcting how the Windows UPnP service accesses COM objects. | ||||
| Applies to: |
Created: 2019-12-20 |
Updated: 2024-09-07 |
||
| ID: CISEC:6778 |
Title: Windows TCP/IP Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6778 CVE-2019-1324 |
Severity: Medium |
| Description: An information disclosure vulnerability exists when the Windows TCP/IP stack improperly handles IPv6 flowlabel filled in packets. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to send specially crafted IPv6 packets to a remote Windows computer. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system. The update addresses the vulnerability by correcting how the Windows handles IPv6 flowlabel data in packets. | ||||
| Applies to: |
Created: 2019-12-20 |
Updated: 2024-09-07 |
||
| ID: CISEC:6788 |
Title: Windows Subsystem for Linux Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6788 CVE-2019-1416 |
Severity: Medium |
| Description: An elevation of privilege vulnerability exists due to a race condition in Windows Subsystem for Linux. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application. The security update addresses the vulnerability by correcting how Windows Subsystem for Linux handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-20 |
Updated: 2024-09-07 |
||
| ID: CISEC:6780 |
Title: Windows Remote Procedure Call Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6780 CVE-2019-1409 |
Severity: Low |
| Description: An information disclosure vulnerability exists when the Windows Remote Procedure Call (RPC) runtime improperly initializes objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an authenticated attacker could run a specially crafted application. The update addresses the vulnerability by correcting how the Remote Procedure Call runtime initializes objects in memory. | ||||
| Applies to: |
Created: 2019-12-20 |
Updated: 2024-09-07 |
||
| ID: CISEC:6781 |
Title: Windows Modules Installer Service Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6781 CVE-2019-1418 |
Severity: Low |
| Description: An information vulnerability exists when Windows Modules Installer Service improperly discloses file information. Successful exploitation of the vulnerability could allow the attacker to read the contents of a log file on disk. To exploit the vulnerability, an attacker would have to log onto an affected system and run a specially crafted application. The update addresses the vulnerability by changing the way Windows Modules Installer Service discloses file information. | ||||
| Applies to: |
Created: 2019-12-20 |
Updated: 2024-09-07 |
||
| ID: CISEC:6760 |
Title: Windows Kernel Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6760 CVE-2019-11135 |
Severity: Low |
| Description: An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system. The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-20 |
Updated: 2024-09-07 |
||
| ID: CISEC:6758 |
Title: Windows Kernel Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6758 CVE-2019-1392 |
Severity: High |
| Description: An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application to take control of an affected system. The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-20 |
Updated: 2024-09-07 |
||
| ID: CISEC:6763 |
Title: Windows Installer Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6763 CVE-2019-1415 |
Severity: Medium |
| Description: An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations. To exploit the vulnerability, an attacker would require unprivileged execution on the victim system. After successfully exploiting the vulnerability, an attacker could run arbitrary code with elevated privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. The security update addresses the vulnerability by correcting the way Windows Installer handles certain filesystem operations. | ||||
| Applies to: |
Created: 2019-12-20 |
Updated: 2024-09-07 |
||
| ID: CISEC:6739 |
Title: Windows Hyper-V Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6739 CVE-2019-1389 |
Severity: High |
| Description: A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause the Hyper-V host operating system to execute arbitrary code. An attacker who successfully exploited the vulnerability could execute arbitrary code on the host operating system. The security update addresses the vulnerability by correcting how Hyper-V validates guest operating system user input. | ||||
| Applies to: |
Created: 2019-12-20 |
Updated: 2024-09-07 |
||
| ID: CISEC:6743 |
Title: Windows Hyper-V Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6743 CVE-2019-1398 |
Severity: High |
| Description: A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause the Hyper-V host operating system to execute arbitrary code. An attacker who successfully exploited the vulnerability could execute arbitrary code on the host operating system. The security update addresses the vulnerability by correcting how Hyper-V validates guest operating system user input. | ||||
| Applies to: |
Created: 2019-12-20 |
Updated: 2024-09-07 |
||
| ID: CISEC:6772 |
Title: Windows Hyper-V Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6772 CVE-2019-1397 |
Severity: High |
| Description: A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause the Hyper-V host operating system to execute arbitrary code. An attacker who successfully exploited the vulnerability could execute arbitrary code on the host operating system. The security update addresses the vulnerability by correcting how Hyper-V validates guest operating system user input. | ||||
| Applies to: |
Created: 2019-12-20 |
Updated: 2024-09-07 |
||
| ID: CISEC:6750 |
Title: Windows Hyper-V Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:6750 CVE-2019-0712 |
Severity: Medium |
| Description: A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application that causes a host machine to crash. The update addresses the vulnerability by modifying how virtual machines access the Hyper-V Network Switch. | ||||
| Applies to: |
Created: 2019-12-20 |
Updated: 2024-09-07 |
||
| ID: CISEC:6786 |
Title: Windows Hyper-V Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:6786 CVE-2019-1399 |
Severity: Medium |
| Description: A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application that causes a host machine to crash. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application. The security update addresses the vulnerability by resolving a number of conditions where Hyper-V would fail to prevent a guest operating system from sending malicious requests. | ||||
| Applies to: |
Created: 2019-12-20 |
Updated: 2024-09-07 |
||
| ID: CISEC:6793 |
Title: Windows Hyper-V Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:6793 CVE-2019-1310 |
Severity: Medium |
| Description: A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application that causes a host machine to crash. The update addresses the vulnerability by modifying how virtual machines access the Hyper-V Network Switch. | ||||
| Applies to: |
Created: 2019-12-20 |
Updated: 2024-09-07 |
||
| ID: CISEC:6794 |
Title: Windows Hyper-V Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:6794 CVE-2019-1309 |
Severity: Medium |
| Description: A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application that causes a host machine to crash. The update addresses the vulnerability by modifying how virtual machines access the Hyper-V Network Switch. | ||||
| Applies to: |
Created: 2019-12-20 |
Updated: 2024-09-07 |
||
| ID: CISEC:6755 |
Title: Windows Graphics Component Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6755 CVE-2019-1435 |
Severity: High |
| Description: An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. In a local attack scenario, an attacker could exploit this vulnerability by running a specially crafted application to take control over the affected system. The update addresses the vulnerability by correcting the way in which the Microsoft Graphics Component handles objects in memory and preventing unintended elevation from user mode. | ||||
| Applies to: |
Created: 2019-12-20 |
Updated: 2024-09-07 |
||
| ID: CISEC:6746 |
Title: Windows Graphics Component Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6746 CVE-2019-1438 |
Severity: High |
| Description: An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. In a local attack scenario, an attacker could exploit this vulnerability by running a specially crafted application to take control over the affected system. The update addresses the vulnerability by correcting the way in which the Microsoft Graphics Component handles objects in memory and preventing unintended elevation from user mode. | ||||
| Applies to: |
Created: 2019-12-20 |
Updated: 2024-09-07 |
||
| ID: CISEC:6756 |
Title: Windows Graphics Component Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6756 CVE-2019-1437 |
Severity: High |
| Description: An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. In a local attack scenario, an attacker could exploit this vulnerability by running a specially crafted application to take control over the affected system. The update addresses the vulnerability by correcting the way in which the Microsoft Graphics Component handles objects in memory and preventing unintended elevation from user mode. | ||||
| Applies to: |
Created: 2019-12-20 |
Updated: 2024-09-07 |
||
| ID: CISEC:6773 |
Title: Windows Graphics Component Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6773 CVE-2019-1433 |
Severity: High |
| Description: An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. In a local attack scenario, an attacker could exploit this vulnerability by running a specially crafted application to take control over the affected system. The update addresses the vulnerability by correcting the way in which the Microsoft Graphics Component handles objects in memory and preventing unintended elevation from user mode. | ||||
| Applies to: |
Created: 2019-12-20 |
Updated: 2024-09-07 |
||
| ID: CISEC:6789 |
Title: Windows Graphics Component Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6789 CVE-2019-1407 |
Severity: High |
| Description: An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. In a local attack scenario, an attacker could exploit this vulnerability by running a specially crafted application to take control over the affected system. The update addresses the vulnerability by correcting the way in which the Microsoft Graphics Component handles objects in memory and preventing unintended elevation from user mode. | ||||
| Applies to: |
Created: 2019-12-20 |
Updated: 2024-09-07 |
||
| ID: CISEC:6792 |
Title: Windows GDI Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6792 CVE-2019-1439 |
Severity: Medium |
| Description: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-20 |
Updated: 2024-09-07 |
||
| ID: CISEC:6764 |
Title: Windows Error Reporting Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6764 CVE-2019-1374 |
Severity: Medium |
| Description: An information disclosure vulnerability exists in the way Windows Error Reporting (WER) handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit the vulnerability, an attacker would have to log on to an affected system and run a specially crafted application or convince a target to run a crafted application. The security update addresses the vulnerability by correcting the way WER handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-20 |
Updated: 2024-09-07 |
||
| ID: CISEC:6740 |
Title: Windows Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6740 CVE-2019-1423 |
Severity: Medium |
| Description: An elevation of privilege vulnerability exists in the way that the StartTileData.dll handles file creation in protected locations. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application. The security update addresses the vulnerability by ensuring the StartTileData.dll properly handles this type of function. | ||||
| Applies to: |
Created: 2019-12-20 |
Updated: 2024-09-07 |
||
| ID: CISEC:6748 |
Title: Windows Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6748 CVE-2019-1422 |
Severity: Medium |
| Description: An elevation of privilege vulnerability exists in the way that the iphlpsvc.dll handles file creation allowing for a file overwrite. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application. The security update addresses the vulnerability by ensuring the iphlpsvc.dll properly handles this type of functionality. | ||||
| Applies to: |
Created: 2019-12-20 |
Updated: 2024-09-07 |
||
| ID: CISEC:6759 |
Title: Windows Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6759 CVE-2019-1420 |
Severity: Medium |
| Description: An elevation of privilege vulnerability exists in the way that the dssvc.dll handles file creation allowing for a file overwrite or creation in a secured location. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application. The security update addresses the vulnerability by ensuring the dssvc.dll properly handles this type of functionality. | ||||
| Applies to: |
Created: 2019-12-20 |
Updated: 2024-09-07 |
||
| ID: CISEC:6742 |
Title: Windows Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:6742 CVE-2018-12207 |
Severity: Medium |
| Description: A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to cause a target system to stop responding. The update addresses the vulnerability by correcting how Windows handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-20 |
Updated: 2024-09-07 |
||
| ID: CISEC:6768 |
Title: Windows Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:6768 CVE-2019-1391 |
Severity: Medium |
| Description: A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to cause a target system to stop responding. The update addresses the vulnerability by correcting how Windows handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-20 |
Updated: 2024-09-07 |
||
| ID: CISEC:6745 |
Title: Windows Data Sharing Service Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6745 CVE-2019-1383 |
Severity: Medium |
| Description: An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this vulnerability by running a specially crafted application on the victim system. The update addresses the vulnerability by correcting the way the Windows Data Sharing Service handles file operations. | ||||
| Applies to: |
Created: 2019-12-20 |
Updated: 2024-09-07 |
||
| ID: CISEC:6757 |
Title: Windows Data Sharing Service Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6757 CVE-2019-1417 |
Severity: Medium |
| Description: An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this vulnerability by running a specially crafted application on the victim system. The update addresses the vulnerability by correcting the way the Windows Data Sharing Service handles file operations. | ||||
| Applies to: |
Created: 2019-12-20 |
Updated: 2024-09-07 |
||
| ID: CISEC:6782 |
Title: Windows Data Sharing Service Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6782 CVE-2019-1379 |
Severity: Medium |
| Description: An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this vulnerability by running a specially crafted application on the victim system. The update addresses the vulnerability by correcting the way the Windows Data Sharing Service handles file operations. | ||||
| Applies to: |
Created: 2019-12-20 |
Updated: 2024-09-07 |
||
| ID: CISEC:6777 |
Title: Windows Certificate Dialog Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6777 CVE-2019-1388 |
Severity: High |
| Description: An elevation of privilege vulnerability exists in the Windows Certificate Dialog when it does not properly enforce user privileges. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The security update addresses the vulnerability by ensuring Windows Certificate Dialog properly enforces user privileges. | ||||
| Applies to: |
Created: 2019-12-20 |
Updated: 2024-09-07 |
||
| ID: CISEC:6741 |
Title: Windows AppX Deployment Extensions Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6741 CVE-2019-1385 |
Severity: Medium |
| Description: An elevation of privilege vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management, resulting in access to system files. To exploit this vulnerability, an authenticated attacker would need to run a specially crafted application to elevate privileges. The security update addresses the vulnerability by correcting how AppX Deployment Extensions manages privileges. | ||||
| Applies to: |
Created: 2019-12-20 |
Updated: 2024-09-07 |
||
| ID: CISEC:6752 |
Title: Win32k Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6752 CVE-2019-1440 |
Severity: Low |
| Description: An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The security update addresses the vulnerability by correcting how win32k handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-20 |
Updated: 2024-09-07 |
||
| ID: CISEC:6754 |
Title: Win32k Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6754 CVE-2019-1436 |
Severity: Low |
| Description: An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The security update addresses the vulnerability by correcting how win32k handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-20 |
Updated: 2024-09-07 |
||
| ID: CISEC:6747 |
Title: Win32k Graphics Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6747 CVE-2019-1441 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. There are multiple ways an attacker could exploit this vulnerability. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit this vulnerability and then convince a user to view the website. An attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by getting them to click a link in an email message or in an Instant Messenger message that takes users to the attacker's website, or by opening an attachment sent through email. In a file sharing attack scenario, an attacker could provide a specially crafted document file that is designed to exploit this vulnerability, and then convince a user to open the document file. The security update addresses the vulnerability by correcting how the Windows font library handles embedded fonts. | ||||
| Applies to: |
Created: 2019-12-20 |
Updated: 2024-09-07 |
||
| ID: CISEC:6753 |
Title: Win32k Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6753 CVE-2019-1396 |
Severity: High |
| Description: An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting how Win32k handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-20 |
Updated: 2024-09-07 |
||
| ID: CISEC:6744 |
Title: Win32k Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6744 CVE-2019-1394 |
Severity: High |
| Description: An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting how Win32k handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-20 |
Updated: 2024-09-07 |
||
| ID: CISEC:6761 |
Title: Win32k Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6761 CVE-2019-1393 |
Severity: High |
| Description: An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting how Win32k handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-20 |
Updated: 2024-09-07 |
||
| ID: CISEC:6762 |
Title: Win32k Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6762 CVE-2019-1408 |
Severity: High |
| Description: An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting how Win32k handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-20 |
Updated: 2024-09-07 |
||
| ID: CISEC:6769 |
Title: Win32k Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6769 CVE-2019-1395 |
Severity: High |
| Description: An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting how Win32k handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-20 |
Updated: 2024-09-07 |
||
| ID: CISEC:6790 |
Title: Win32k Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6790 CVE-2019-1434 |
Severity: High |
| Description: An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting how the Windows kernel-mode driver handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-20 |
Updated: 2024-09-07 |
||
| ID: CISEC:6749 |
Title: OpenType Font Parsing Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6749 CVE-2019-1456 |
Severity: Medium |
| Description: A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles specially crafted OpenType fonts. For all systems except Windows 10, an attacker who successfully exploited the vulnerability could execute code remotely. For systems running Windows 10, an attacker who successfully exploited the vulnerability could execute code in an AppContainer sandbox context with limited privileges and capabilities. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. There are multiple ways an attacker could exploit the vulnerability, such as by either convincing a user to open a specially crafted document, or by convincing a user to visit a webpage that contains specially crafted embedded OpenType fonts. The update addresses the vulnerability by correcting how the Windows Adobe Type Manager Library handles OpenType fonts. | ||||
| Applies to: |
Created: 2019-12-20 |
Updated: 2024-09-07 |
||
| ID: CISEC:6784 |
Title: OpenType Font Parsing Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6784 CVE-2019-1419 |
Severity: Medium |
| Description: A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles specially crafted OpenType fonts. For all systems except Windows 10, an attacker who successfully exploited the vulnerability could execute code remotely. For systems running Windows 10, an attacker who successfully exploited the vulnerability could execute code in an AppContainer sandbox context with limited privileges and capabilities. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. There are multiple ways an attacker could exploit the vulnerability, such as by either convincing a user to open a specially crafted document, or by convincing a user to visit a webpage that contains specially crafted embedded OpenType fonts. The update addresses the vulnerability by correcting how the Windows Adobe Type Manager Library handles OpenType fonts. | ||||
| Applies to: |
Created: 2019-12-20 |
Updated: 2024-09-07 |
||
| ID: CISEC:6771 |
Title: OpenType Font Driver Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6771 CVE-2019-1412 |
Severity: Low |
| Description: An information disclosure vulnerability exists in Windows Adobe Type Manager Font Driver (ATMFD.dll) when it fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could potentially read data that was not intended to be disclosed. Note that this vulnerability would not allow an attacker to execute code or to elevate their user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system. To exploit this vulnerability, an attacker would have to log on to an affected system and open a document containing specially crafted fonts. The update addresses the vulnerability by correcting how ATMFD.dll handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-20 |
Updated: 2024-09-07 |
||
| ID: CISEC:6785 |
Title: NetLogon Security Feature Bypass Vulnerability |
Type: Software |
Bulletins:
CISEC:6785 CVE-2019-1424 |
Severity: Medium |
| Description: A security feature bypass vulnerability exists when Windows Netlogon improperly handles a secure communications channel. An attacker who successfully exploited the vulnerability could downgrade aspects of the connection allowing for further modification of the transmission. To exploit the vulnerability, an attacker would require an active man in the middle attack to be in place for the targeted traffic. The update addresses the vulnerability by modifying how Netlogon handles these connections, accounting for potential attack through a man in the middle. | ||||
| Applies to: |
Created: 2019-12-20 |
Updated: 2024-09-07 |
||
| ID: CISEC:6812 |
Title: Multiple vulnerabilities on Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142 and earlier, 2015.006.30497... |
Type: Software |
Bulletins:
CISEC:6812 |
Severity: Low |
| Description: Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a command injection vulnerability (CVE-2019-8060); have a buffer error vulnerability (CVE-2019-8048); have a double free vulnerability (CVE-2019-8044); have an internal ip disclosure vulnerability (CVE-2019-8097); have a type confusion vulnerability (CVE-2019-8019); have an out-of-bounds read vulnerability (CVE-2019-8077, CVE-2019-8094, CVE-2019-8095, CVE-2019-8096, CVE-2019-8102, CVE-2019-8103, CVE-2019-8104, CVE-2019-8105, CVE-2019-8106, CVE-2019-8002, CVE-2019-8004, CVE-2019-8005, CVE-2019-8007, CVE-2019-8010, CVE-2019-8011, CVE-2019-8012, CVE-2019-8018, CVE-2019-8020, CVE-2019-8021, CVE-2019-8032, CVE-2019-8035, CVE-2019-8037, CVE-2019-8040, CVE-2019-8043, CVE-2019-8052); have an out-of-bounds write vulnerability (CVE-2019-8098, CVE-2019-8100, CVE-2019-7965, CVE-2019-8008, CVE-2019-8009, CVE-2019-8016, CVE-2019-8022, CVE-2019-8023, CVE-2019-8027); have an use after free vulnerability (CVE-2019-8003, CVE-2019-8013, CVE-2019-8024, CVE-2019-8025, CVE-2019-8026, CVE-2019-8028, CVE-2019-8029, CVE-2019-8030, CVE-2019-8031, CVE-2019-8033, CVE-2019-8034, CVE-2019-8036, CVE-2019-8038, CVE-2019-8039, CVE-2019-8047, CVE-2019-8051, CVE-2019-8053, CVE-2019-8054, CVE-2019-8055, CVE-2019-8056, CVE-2019-8057, CVE-2019-8058, CVE-2019-8059, CVE-2019-8061); have a heap overflow vulnerability (CVE-2019-8014, CVE-2019-8015, CVE-2019-8041, CVE-2019-8042, CVE-2019-8046, CVE-2019-8049, CVE-2019-8050); have an integer overflow vulnerability (CVE-2019-8099, CVE-2019-8101); have an untrusted pointer dereference vulnerability (CVE-2019-8006, CVE-2019-8017, CVE-2019-8045). Successful exploitation could lead to arbitrary code execution. Adobe Acrobat and Reader versions, 2019.012.20034 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, 2015.006.30498 and earlier versions have an Insufficiently Robust Encryption vulnerability (CVE-2019-8237). Successful exploitation could lead to Security feature bypass in the context of the current user. | ||||
| Applies to: Adobe Acrobat 2017 Adobe Acrobat DC Classic Adobe Acrobat DC Continuous Adobe Reader 2017 Adobe Reader DC Classic Adobe Reader DC Continuous |
Created: 2019-12-20 |
Updated: 2021-06-04 |
||
| ID: CISEC:6815 |
Title: Multiple vulnerabilities on Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and... |
Type: Software |
Bulletins:
CISEC:6815 |
Severity: Low |
| Description: Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a type confusion vulnerability (CVE-2019-7820), have a buffer error vulnerability (CVE-2019-7824), have a double free vulnerability (CVE-2019-7784), have a security bypass vulnerability (CVE-2019-7779), have an out-of-bounds write vulnerability (CVE-2019-7829, CVE-2019-7825, CVE-2019-7822, CVE-2019-7818, CVE-2019-7800, CVE-2019-7804), have a use after free vulnerability (CVE-2019-7834, CVE-2019-7833, CVE-2019-7831, CVE-2019-7830, CVE-2019-7821, CVE-2019-7817, CVE-2019-7814, CVE-2019-7809, CVE-2019-7808, CVE-2019-7807, CVE-2019-7806, CVE-2019-7805, CVE-2019-7796, CVE-2019-7792, CVE-2019-7791, CVE-2019-7788, CVE-2019-7786, CVE-2019-7785, CVE-2019-7783, CVE-2019-7782, CVE-2019-7781, CVE-2019-7772, CVE-2019-7768, CVE-2019-7767, CVE-2019-7766, CVE-2019-7765, CVE-2019-7763, CVE-2019-7762, CVE-2019-7761, CVE-2019-7760, CVE-2019-7759, CVE-2019-7823, CVE-2019-7797, CVE-2019-7835, CVE-2019-7764), have a heap overflow vulnerability (CVE-2019-7828, CVE-2019-7827, CVE-2019-7832). Successful exploitation could lead to arbitrary code execution. Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds read vulnerability (CVE-2019-7841, CVE-2019-7836, CVE-2019-7826, CVE-2019-7813, CVE-2019-7812, CVE-2019-7811, CVE-2019-7810, CVE-2019-7803, CVE-2019-7802, CVE-2019-7801, CVE-2019-7798, CVE-2019-7795, CVE-2019-7794, CVE-2019-7793, CVE-2019-7790, CVE-2019-7789, CVE-2019-7778, CVE-2019-7777, CVE-2019-7776, CVE-2019-7775, CVE-2019-7774, CVE-2019-7773, CVE-2019-7771, CVE-2019-7770, CVE-2019-7769, CVE-2019-7145, CVE-2019-7144, CVE-2019-7143, CVE-2019-7142, CVE-2019-7141, CVE-2019-7140, CVE-2019-7787, CVE-2019-7799, CVE-2019-7780, CVE-2019-7758). Successful exploitation could lead to information disclosure. Adobe Acrobat and Reader versions 2019.010.20100 and earlier; 2019.010.20099 and earlier; 2017.011.30140 and earlier; 2017.011.30138 and earlier; 2015.006.30495 and earlier; and 2015.006.30493 and earlier have a Path Traversal vulnerability (CVE-2019-8238). Successful exploitation could lead to Information Disclosure in the context of the current user. | ||||
| Applies to: Adobe Acrobat 2017 Adobe Acrobat DC Classic Adobe Acrobat DC Continuous Adobe Reader 2017 Adobe Reader DC Classic Adobe Reader DC Continuous |
Created: 2019-12-20 |
Updated: 2021-06-04 |
||
| ID: CISEC:6814 |
Title: Multiple vulnerabilities on Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017.011.30127 and earlier version, and 2015.006.30482 and earlier. |
Type: Software |
Bulletins:
CISEC:6814 |
Severity: Low |
| Description: Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017.011.30127 and earlier version, and 2015.006.30482 and earlier have an out-of-bounds read vulnerability (CVE-2019-7061, CVE-2019-7109, CVE-2019-7110, CVE-2019-7114, CVE-2019-7115, CVE-2019-7116, CVE-2019-7121, CVE-2019-7122, CVE-2019-7123, and CVE-2019-7127). Successful exploitation could lead to information disclosure. Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017.011.30127 and earlier version, and 2015.006.30482 and earlier have an out-of-bounds write vulnerability (CVE-2019-7111, CVE-2019-7118, CVE-2019-7119, CVE-2019-7120, and CVE-2019-7124); have a type confusion vulnerability (CVE-2019-7117 and CVE-2019-7128); have an use after free vulnerability (CVE-2019-7088 and CVE-2019-7112); have a heap overflow vulnerability (CVE-2019-7113 and CVE-2019-7125). Successful exploitation could lead to arbitrary code execution. | ||||
| Applies to: Adobe Acrobat 2017 Adobe Acrobat DC Classic Adobe Acrobat DC Continuous Adobe Reader 2017 Adobe Reader DC Classic Adobe Reader DC Continuous |
Created: 2019-12-20 |
Updated: 2021-06-04 |
||
| ID: CISEC:6810 |
Title: Multiple vulnerabilities on Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier. |
Type: Software |
Bulletins:
CISEC:6810 |
Severity: Low |
| Description: Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have a data leakage (sensitive) vulnerability (CVE-2019-7089); have an integer overflow vulnerability (CVE-2019-7030); have an out-of-bounds read vulnerability (CVE-2019-7021, CVE-2019-7022, CVE-2019-7023, CVE-2019-7024, CVE-2019-7028, CVE-2019-7032, CVE-2019-7033, CVE-2019-7034, CVE-2019-7035, CVE-2019-7036, CVE-2019-7038, CVE-2019-7045, CVE-2019-7047, CVE-2019-7049, CVE-2019-7053, CVE-2019-7055, CVE-2019-7056, CVE-2019-7057, CVE-2019-7058, CVE-2019-7059, CVE-2019-7063, CVE-2019-7064, CVE-2019-7065, CVE-2019-7067, CVE-2019-7071, CVE-2019-7073, CVE-2019-7074, CVE-2019-7081). Successful exploitation could lead to information disclosure. Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have a double free vulnerability (CVE-2019-7080); have a buffer errors vulnerability (CVE-2019-7020, CVE-2019-7085); have an out-of-bounds write vulnerability (CVE-2019-7019, CVE-2019-7027, CVE-2019-7037, CVE-2019-7039, CVE-2019-7052, CVE-2019-7060, CVE-2019-7079); have a type confusion vulnerability (CVE-2019-7069, CVE-2019-7086, CVE-2019-7087); have an untrusted pointer dereference vulnerability (CVE-2019-7042, CVE-2019-7046, CVE-2019-7051, CVE-2019-7054, CVE-2019-7066, CVE-2019-7076); have an use after free vulnerability (CVE-2019-7018, CVE-2019-7025, CVE-2019-7026, CVE-2019-7029, CVE-2019-7031, CVE-2019-7040, CVE-2019-7043, CVE-2019-7044, CVE-2019-7048, CVE-2019-7050, CVE-2019-7062, CVE-2019-7068, CVE-2019-7070, CVE-2019-7072, CVE-2019-7075, CVE-2019-7077, CVE-2019-7078, CVE-2019-7082, CVE-2019-7083, CVE-2019-7084). Successful exploitation could lead to arbitrary code execution. Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have a security bypass vulnerability (CVE-2018-19725). Successful exploitation could lead to privilege escalation. Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have a security bypass vulnerability (CVE-2019-7041) | ||||
| Applies to: Adobe Acrobat 2017 Adobe Acrobat DC Classic Adobe Acrobat DC Continuous Adobe Reader 2017 Adobe Reader DC Classic Adobe Reader DC Continuous |
Created: 2019-12-20 |
Updated: 2021-06-04 |
||
| ID: CISEC:6791 |
Title: Microsoft Windows Security Feature Bypass Vulnerability |
Type: Software |
Bulletins:
CISEC:6791 CVE-2019-1384 |
Severity: Medium |
| Description: A security feature bypass vulnerability exists where a NETLOGON message is able to obtain the session key and sign messages. To exploit this vulnerability, an attacker could send a specially crafted authentication request. An attacker who successfully exploited this vulnerability could access another machine using the original user privileges. The issue has been addressed by changing how NTLM validates network authentication messages. | ||||
| Applies to: |
Created: 2019-12-20 |
Updated: 2024-09-07 |
||
| ID: CISEC:6774 |
Title: Microsoft Windows Media Foundation Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6774 CVE-2019-1430 |
Severity: High |
| Description: A remote code execution vulnerability exists when Windows Media Foundation improperly parses specially crafted QuickTime media files. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. To exploit the vulnerability, an attacker must send a specially crafted QuickTime file to a user and convince them to open it. When opened, the malicious QuickTime file will execute code of the attacker’s choice on the target system. The security update addresses the vulnerability by ensuring Windows Media Foundation properly parses QuickTime media files. | ||||
| Applies to: |
Created: 2019-12-20 |
Updated: 2024-09-07 |
||
| ID: CISEC:6775 |
Title: Microsoft Windows Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6775 CVE-2019-1381 |
Severity: Low |
| Description: An information disclosure vulnerability exists when the Windows Servicing Stack allows access to unprivileged file locations. An attacker who successfully exploited the vulnerability could potentially access unauthorized files. To exploit this vulnerability, an authenticated attacker could run a specially crafted application in user mode. The update addresses the vulnerability by checking files paths for symbolic links. | ||||
| Applies to: |
Created: 2019-12-20 |
Updated: 2024-09-07 |
||
| ID: CISEC:6783 |
Title: Microsoft splwow64 Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6783 CVE-2019-1380 |
Severity: Medium |
| Description: A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls. An attacker who successfully exploited the vulnerability could elevate privileges on an affected system from low-integrity to medium-integrity. This vulnerability by itself does not allow arbitrary code execution; however, it could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability (such as a remote code execution vulnerability or another elevation of privilege vulnerability) that is capable of leveraging the elevated privileges when code execution is attempted. The security update addresses the vulnerability by ensuring splwow64.exe properly handles these calls.. | ||||
| Applies to: |
Created: 2019-12-20 |
Updated: 2024-09-07 |
||
| ID: CISEC:6779 |
Title: Microsoft ActiveX Installer Service Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6779 CVE-2019-1382 |
Severity: Low |
| Description: An elevation of privilege vulnerability exists when ActiveX Installer service may allow access to files without proper authentication. An attacker who successfully exploited the vulnerability could potentially access unauthorized files. To exploit this vulnerability, an authenticated attacker could run a specially crafted application on the victim system. The update addresses the vulnerability by validated file permissions before accessing them. | ||||
| Applies to: |
Created: 2019-12-20 |
Updated: 2024-09-07 |
||
| ID: CISEC:6776 |
Title: Jet Database Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6776 CVE-2019-1406 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-20 |
Updated: 2024-09-07 |
||
| ID: CISEC:6751 |
Title: Hyper-V Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6751 CVE-2019-0719 |
Severity: High |
| Description: A remote code execution vulnerability exists when Windows Hyper-V Network Switch on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause the Hyper-V host operating system to execute arbitrary code. An attacker who successfully exploited the vulnerability could execute arbitrary code on the host operating system. The security update addresses the vulnerability by correcting how Windows Hyper-V Network Switch validates guest operating system network traffic. | ||||
| Applies to: |
Created: 2019-12-20 |
Updated: 2024-09-07 |
||
| ID: CISEC:6787 |
Title: Hyper-V Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6787 CVE-2019-0721 |
Severity: High |
| Description: A remote code execution vulnerability exists when Windows Hyper-V Network Switch on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause the Hyper-V host operating system to execute arbitrary code. An attacker who successfully exploited the vulnerability could execute arbitrary code on the host operating system. The security update addresses the vulnerability by correcting how Windows Hyper-V Network Switch validates guest operating system network traffic. | ||||
| Applies to: |
Created: 2019-12-20 |
Updated: 2024-09-07 |
||
| ID: CISEC:6765 |
Title: DirectWrite Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6765 CVE-2019-1432 |
Severity: Medium |
| Description: An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how DirectWrite handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-20 |
Updated: 2024-09-07 |
||
| ID: CISEC:6766 |
Title: DirectWrite Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6766 CVE-2019-1411 |
Severity: Medium |
| Description: An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how DirectWrite handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-20 |
Updated: 2024-09-07 |
||
| ID: CISEC:6648 |
Title: XmlLite Runtime Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:6648 CVE-2019-1187 |
Severity: Medium |
| Description: A denial of service vulnerability exists when the XmlLite runtime (XmlLite.dll) improperly parses XML input. An attacker who successfully exploited this vulnerability could cause a denial of service against an XML application. A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to an XML application. The update addresses the vulnerability by correcting how the XmlLite runtime parses XML input. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6534 |
Title: Winlogon Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6534 CVE-2019-1268 |
Severity: High |
| Description: An elevation of privilege exists when Winlogon does not properly handle file path information. An attacker who successfully exploited this vulnerability could run arbitrary code. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application to take control of an affected system. The update addresses the vulnerability by correcting how Winlogon handles path information. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6505 |
Title: Windows WLAN Service Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6505 CVE-2019-1085 |
Severity: Medium |
| Description: An elevation of privilege vulnerability exists in the way that the wlansvc.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application. The security update addresses the vulnerability by ensuring the wlansvc.dll properly handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6523 |
Title: Windows VBScript Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6523 CVE-2019-0842 |
Severity: High |
| Description: A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. An attacker could also embed an ActiveX control marked "safe for initialization" in an application or Microsoft Office document that hosts the IE rendering engine. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6524 |
Title: Windows VBScript Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6524 CVE-2019-0772 |
Severity: High |
| Description: A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. An attacker could also embed an ActiveX control marked "safe for initialization" in an application or Microsoft Office document that hosts the IE rendering engine. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6641 |
Title: Windows User Profile Service Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6641 CVE-2019-0986 |
Severity: Low |
| Description: An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and delete files or folders of their choosing. The security update addresses the vulnerability by correcting how the Windows User Profile Service handles symlinks. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6392 |
Title: Windows Update Delivery Optimization Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6392 CVE-2019-1289 |
Severity: Low |
| Description: An elevation of privilege vulnerability exists when the Windows Update Delivery Optimization does not properly enforce file share permissions. An attacker who successfully exploited the vulnerability could overwrite files that require higher privileges than what the attacker already has. To exploit this vulnerability, an attacker would need to log into a system. The attacker could then create a Delivery Optimization job to exploit the vulnerability. The security update addresses the vulnerability by correcting how the Delivery Optimization services enforces permissions. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6611 |
Title: Windows Update Client Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6611 CVE-2019-1337 |
Severity: Low |
| Description: An information disclosure vulnerability exists when Windows Update Client fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could potentially disclose memory contents of an elevated process. To exploit this vulnerability, an authenticated attacker could run a specially crafted application in user mode. The update addresses the vulnerability by correcting how the Windows Update Client handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6513 |
Title: Windows Transaction Manager Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6513 CVE-2019-1219 |
Severity: Low |
| Description: An information disclosure vulnerability exists when the Windows Transaction Manager improperly handles objects in memory. An attacker who successfully exploited this vulnerability could potentially read data that was not intended to be disclosed. To exploit the vulnerability, an attacker would first have to log on to the system, and then run a specially crafted application. The security update addresses the vulnerability by correcting how the Transaction Manager handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6649 |
Title: Windows Text Service Framework Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6649 CVE-2019-1235 |
Severity: High |
| Description: An elevation of privilege vulnerability exists in Windows Text Service Framework (TSF) when the TSF server process does not validate the source of input or commands it receives. An attacker who successfully exploited this vulnerability could inject commands or read input sent through a malicious Input Method Editor (IME). This only affects systems that have installed an IME. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The security update addresses this vulnerability by correcting how the TSF server and client validate input from each other. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6607 |
Title: Windows TCP/IP Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6607 CVE-2019-0688 |
Severity: Medium |
| Description: An information disclosure vulnerability exists when the Windows TCP/IP stack improperly handles fragmented IP packets. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to send specially crafted fragmented IP packets to a remote Windows computer. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system. The update addresses the vulnerability by correcting how the Windows TCP/IP stack handles fragmented IP packets. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6516 |
Title: Windows Subsystem for Linux Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6516 CVE-2019-0693 |
Severity: Medium |
| Description: An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application. The security update addresses the vulnerability by correcting how Windows Subsystem for Linux handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6553 |
Title: Windows Subsystem for Linux Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6553 CVE-2019-1185 |
Severity: Medium |
| Description: An elevation of privilege vulnerability exists due to a stack corruption in Windows Subsystem for Linux. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application. The security update addresses the vulnerability by correcting how Windows Subsystem for Linux handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6558 |
Title: Windows Subsystem for Linux Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6558 CVE-2019-0682 |
Severity: Medium |
| Description: An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application. The security update addresses the vulnerability by correcting how Windows Subsystem for Linux handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6408 |
Title: Windows Subsystem for Linux Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6408 CVE-2019-0694 |
Severity: Medium |
| Description: An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application. The security update addresses the vulnerability by correcting how Windows Subsystem for Linux handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6581 |
Title: Windows Subsystem for Linux Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6581 CVE-2019-0689 |
Severity: Medium |
| Description: An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application. The security update addresses the vulnerability by correcting how Windows Subsystem for Linux handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6637 |
Title: Windows Subsystem for Linux Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6637 CVE-2019-0692 |
Severity: Medium |
| Description: An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application. The security update addresses the vulnerability by correcting how Windows Subsystem for Linux handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6554 |
Title: Windows Storage Service Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6554 CVE-2019-0983 |
Severity: High |
| Description: An elevation of privilege vulnerability exists when the Storage Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges on the victim system. To exploit the vulnerability, an attacker would first have to gain execution on the victim system, then run a specially crafted application. The security update addresses the vulnerability by correcting how the Storage Services handles file operations. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6664 |
Title: Windows Storage Service Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6664 CVE-2019-0931 |
Severity: Medium |
| Description: An elevation of privilege vulnerability exists when the Storage Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges on the victim system. To exploit the vulnerability, an attacker would first have to gain execution on the victim system, then run a specially crafted application. The security update addresses the vulnerability by correcting how the Storage Services handles file operations. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6450 |
Title: Windows Storage Service Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6450 CVE-2019-0998 |
Severity: High |
| Description: An elevation of privilege vulnerability exists when the Storage Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges on the victim system. To exploit the vulnerability, an attacker would first have to gain execution on the victim system, then run a specially crafted application. The security update addresses the vulnerability by correcting how the Storage Services handles file operations. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6565 |
Title: Windows SMB Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6565 CVE-2019-0821 |
Severity: Medium |
| Description: An information disclosure vulnerability exists in the way that the Windows SMB Server handles certain requests. An authenticated attacker who successfully exploited this vulnerability could craft a special packet, which could lead to information disclosure from the server. To exploit the vulnerability, an attacker would have to be able to authenticate and send SMB messages to an impacted Windows SMB Server The security update addresses the vulnerability by correcting how Windows SMB Server handles authenticated requests. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6667 |
Title: Windows SMB Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6667 CVE-2019-0704 |
Severity: Medium |
| Description: An information disclosure vulnerability exists in the way that the Windows SMB Server handles certain requests. An authenticated attacker who successfully exploited this vulnerability could craft a special packet, which could lead to information disclosure from the server. To exploit the vulnerability, an attacker would have to be able to authenticate and send SMB messages to an impacted Windows SMB Server The security update addresses the vulnerability by correcting how Windows SMB Server handles authenticated requests. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6631 |
Title: Windows SMB Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6631 CVE-2019-0703 |
Severity: Medium |
| Description: An information disclosure vulnerability exists in the way that the Windows SMB Server handles certain requests. An authenticated attacker who successfully exploited this vulnerability could craft a special packet, which could lead to information disclosure from the server. To exploit the vulnerability, an attacker would have to be able to authenticate and send SMB messages to an impacted Windows SMB Server The security update addresses the vulnerability by correcting how Windows SMB Server handles authenticated requests. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6633 |
Title: Windows SMB Client Driver Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6633 CVE-2019-1293 |
Severity: Low |
| Description: An information disclosure vulnerability exists in Windows when the Windows SMB Client kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could potentially disclose contents of System memory. To exploit this vulnerability, an attacker would have to log on to the system first and then run a specially crafted application in user mode. The security update addresses the vulnerability by correcting how the Windows SMB Client kernel-mode driver handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6466 |
Title: Windows Shell Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6466 CVE-2019-1053 |
Severity: High |
| Description: An elevation of privilege vulnerability exists when the Windows Shell fails to validate folder shortcuts. An attacker who successfully exploited the vulnerability could elevate privileges by escaping a sandbox. To exploit this vulnerability, an attacker would require unprivileged execution on the victim system. The security update addresses the vulnerability by correctly validating folder shortcuts. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6477 |
Title: Windows Security Feature Bypass Vulnerability |
Type: Software |
Bulletins:
CISEC:6477 CVE-2019-0732 |
Severity: Medium |
| Description: A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard when Windows improperly handles calls to the LUAFV driver (luafv.sys). An attacker who successfully exploited this vulnerability could circumvent a User Mode Code Integrity (UMCI) policy on the machine. To exploit the vulnerability, an attacker would first have to access the local machine, and then run a malicious program. The update addresses the vulnerability by correcting how Windows validates User Mode Code Integrity policies. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6418 |
Title: Windows Secure Kernel Mode Security Feature Bypass Vulnerability |
Type: Software |
Bulletins:
CISEC:6418 CVE-2019-1044 |
Severity: High |
| Description: A security feature bypass vulnerability exists when Windows Secure Kernel Mode fails to properly handle objects in memory. To exploit the vulnerability, a locally-authenticated attacker could attempt to run a specially crafted application on a targeted system. An attacker who successfully exploited the vulnerability could violate virtual trust levels (VTL). The update addresses the vulnerability by correcting how Windows Secure Kernel Mode handles objects in memory to properly enforce VTLs. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6374 |
Title: Windows Secure Boot Security Feature Bypass Vulnerability |
Type: Software |
Bulletins:
CISEC:6374 CVE-2019-1294 |
Severity: Low |
| Description: A security feature bypass exists when Windows Secure Boot improperly restricts access to debugging functionality. An attacker who successfully exploited this vulnerability could disclose protected kernel memory. To exploit the vulnerability, an attacker must gain physical access to the target system prior to the next system reboot. The security update addresses the vulnerability by preventing access to certain debugging options when Windows Secure Boot is enabled. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6398 |
Title: Windows Secure Boot Security Feature Bypass Vulnerability |
Type: Software |
Bulletins:
CISEC:6398 CVE-2019-1368 |
Severity: Low |
| Description: A security feature bypass exists when Windows Secure Boot improperly restricts access to debugging functionality. An attacker who successfully exploited this vulnerability could disclose protected kernel memory. To exploit the vulnerability, an attacker must gain physical access to the target system prior to the next system reboot. The security update addresses the vulnerability by preventing access to certain debugging options when Windows Secure Boot is enabled. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6635 |
Title: Windows RPCSS Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6635 CVE-2019-1089 |
Severity: High |
| Description: An elevation of privilege vulnerability exists in rpcss.dll when the RPC service Activation Kernel improperly handles an RPC request. To exploit this vulnerability, a low level authenticated attacker could run a specially crafted application. The security update addresses this vulnerability by correcting how rpcss.dll handles these requests. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6416 |
Title: Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:6416 CVE-2019-1326 |
Severity: High |
| Description: A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RDP service on the target system to stop responding. To exploit this vulnerability, an attacker would need to run a specially crafted application against a server which provides Remote Desktop Protocol (RDP) services. The update addresses the vulnerability by correcting how RDP handles connection requests. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6645 |
Title: Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:6645 CVE-2019-1223 |
Severity: Medium |
| Description: A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RDP service on the target system to stop responding. To exploit this vulnerability, an attacker would need to run a specially crafted application against a server which provides Remote Desktop Protocol (RDP) services. The update addresses the vulnerability by correcting how RDP handles connection requests. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6679 |
Title: Windows Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6679 CVE-2019-0856 |
Severity: High |
| Description: A remote code execution vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could take control of an affected system. To exploit the vulnerability, an authenticated attacker could connect via the Windows Remote Registry Service, causing Windows to execute arbitrary code. The security update addresses the vulnerability by correcting how Windows handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6675 |
Title: Windows Redirected Drive Buffering System Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6675 CVE-2019-1325 |
Severity: Medium |
| Description: An elevation of privilege vulnerability exists in the Windows redirected drive buffering system (rdbss.sys) when the operating system improperly handles specific local calls within Windows 7 for 32-bit systems. When this vulnerability is exploited within other versions of Windows it can cause a denial of service, but not an elevation of privilege. To exploit this vulnerability, a low-level authenticated attacker could run a specially crafted application. The security update addresses the vulnerability by correcting how rdbss.sys handles these local calls. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6356 |
Title: Windows Print Spooler Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6356 CVE-2019-0759 |
Severity: Low |
| Description: An information disclosure vulnerability exists when the Windows Print Spooler does not properly handle objects in memory. An attacker who successfully exploited this vulnerability could use the information to further exploit the victim system. To exploit this vulnerability, an attacker would have to first gain execution on the victim system. The update addresses the vulnerability by correcting how the Windows Print Spooler handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6445 |
Title: Windows Power Service Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6445 CVE-2019-1341 |
Severity: High |
| Description: An elevation of privilege vulnerability exists when umpo.dll of the Power Service, improperly handles a Registry Restore Key function. An attacker who successfully exploited this vulnerability could delete a targeted registry key leading to an elevated status. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The security update addresses the vulnerability by correcting how umpo.dll of the Power Service handles Registry Restore Key requests. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6414 |
Title: Windows OLE Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6414 CVE-2019-0885 |
Severity: High |
| Description: A remote code execution vulnerability exists when Microsoft Windows OLE fails to properly validate user input. An attacker could exploit the vulnerability to execute malicious code. To exploit the vulnerability, an attacker would have to convince a user to open a specially crafted file or a program, causing Windows to execute arbitrary code. The update addresses the vulnerability by correcting how Windows OLE validates user input. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6542 |
Title: Windows NTLM Tampering Vulnerability |
Type: Software |
Bulletins:
CISEC:6542 CVE-2019-1166 |
Severity: Medium |
| Description: A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC (Message Integrity Check) protection. An attacker who successfully exploited this vulnerability could gain the ability to downgrade NTLM security features. To exploit this vulnerability, the attacker would need to tamper with the NTLM exchange. The attacker could then modify flags of the NTLM packet without invalidating the signature. The update addresses the vulnerability by hardening NTLM MIC protection on the server-side. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6455 |
Title: Windows NTLM Tampering Vulnerability |
Type: Software |
Bulletins:
CISEC:6455 CVE-2019-1040 |
Severity: Medium |
| Description: A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC (Message Integrity Check) protection. An attacker who successfully exploited this vulnerability could gain the ability to downgrade NTLM security features. To exploit this vulnerability, the attacker would need to tamper with the NTLM exchange. The attacker could then modify flags of the NTLM packet without invalidating the signature. The update addresses the vulnerability by hardening NTLM MIC protection on the server-side. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6647 |
Title: Windows NTLM Security Feature Bypass Vulnerability |
Type: Software |
Bulletins:
CISEC:6647 CVE-2019-1338 |
Severity: Medium |
| Description: A security feature bypass vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLMv2 protection if a client is also sending LMv2 responses. An attacker who successfully exploited this vulnerability could gain the ability to downgrade NTLM security features. To exploit this vulnerability, the attacker would need to be able to modify NTLM traffic exchange. The update addresses the vulnerability by hardening NTLMv2 protection on the server-side. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6357 |
Title: Windows NTFS Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6357 CVE-2019-1170 |
Severity: High |
| Description: An elevation of privilege vulnerability exists when reparse points are created by sandboxed processes allowing sandbox escape. An attacker who successfully exploited the vulnerability could use the sandbox escape to elevate privileges on an affected system. To exploit the vulnerability, an attacker would first have to log on to the system, and then run a specially crafted application to take control over the affected system. The security update addresses the vulnerability by preventing sandboxed processes from creating reparse points targeting inaccessible files. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6629 |
Title: Windows Network File System Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6629 CVE-2019-1045 |
Severity: High |
| Description: An elevation of privilege vulnerability exists in the way that the Windows Network File System (NFS) handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application. The security update addresses the vulnerability by ensuring the Windows NFS properly handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6555 |
Title: Windows Network Connectivity Assistant Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6555 CVE-2019-1287 |
Severity: Medium |
| Description: An elevation of privilege vulnerability exists in the way that the Windows Network Connectivity Assistant handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application. The security update addresses the vulnerability by ensuring the Windows Network Connectivity Assistant properly handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6578 |
Title: Windows NDIS Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6578 CVE-2019-0707 |
Severity: Medium |
| Description: An elevation of privilege vulnerability exists in the Network Driver Interface Specification (NDIS) when ndis.sys fails to check the length of a buffer prior to copying memory to it. To exploit the vulnerability, in a local attack scenario, an attacker could run a specially crafted application to elevate the attacker's privilege level. An attacker who successfully exploited this vulnerability could run processes in an elevated context. However, an attacker must first gain access to the local system with the ability to execute a malicious application in order to exploit this vulnerability. The security update addresses the vulnerability by changing how ndis.sys validates buffer length. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6351 |
Title: Windows Media Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6351 CVE-2019-1271 |
Severity: High |
| Description: An elevation of privilege exists in hdAudio.sys which may lead to an out of band write. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application to take control of an affected system. The update addresses the vulnerability by correcting how hdAudio.sys stores the size of the reserved region. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6529 |
Title: Windows Kernel Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6529 CVE-2019-1073 |
Severity: Low |
| Description: An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system. The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6559 |
Title: Windows Kernel Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6559 CVE-2019-0755 |
Severity: Low |
| Description: An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system. The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6564 |
Title: Windows Kernel Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6564 CVE-2019-1039 |
Severity: Low |
| Description: An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. The update addresses the vulnerability by correcting how the Windows kernel initializes objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6697 |
Title: Windows Kernel Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6697 CVE-2019-1071 |
Severity: Low |
| Description: An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. An authenticated attacker could exploit this vulnerability by running a specially crafted application. The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6346 |
Title: Windows Kernel Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6346 CVE-2019-1345 |
Severity: Low |
| Description: An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system. The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6349 |
Title: Windows Kernel Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6349 CVE-2019-0767 |
Severity: Low |
| Description: An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. The update addresses the vulnerability by correcting how the Windows kernel initializes objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6375 |
Title: Windows Kernel Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6375 CVE-2019-0775 |
Severity: Low |
| Description: An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system. The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6684 |
Title: Windows Kernel Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6684 CVE-2019-1228 |
Severity: Low |
| Description: An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system. The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6688 |
Title: Windows Kernel Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6688 CVE-2019-1334 |
Severity: Low |
| Description: An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system. The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6402 |
Title: Windows Kernel Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6402 CVE-2019-1227 |
Severity: Low |
| Description: An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system. The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6425 |
Title: Windows Kernel Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6425 CVE-2019-1274 |
Severity: Low |
| Description: An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The security update addresses the vulnerability by correcting how the Windows kernel initializes memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6470 |
Title: Windows Kernel Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6470 CVE-2019-1125 |
Severity: Low |
| Description: An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to elevate user rights directly, but it could be used to obtain information that could be used to try to compromise the affected system further. On January 3, 2018, Microsoft released an advisory and security updates related to a newly-discovered class of hardware vulnerabilities (known as Spectre) involving speculative execution side channels that affect AMD, ARM, and Intel CPUs to varying degrees. This vulnerability, released on August 6, 2019, is a variant of the Spectre Variant 1 speculative execution side channel vulnerability and has been assigned CVE-2019-1125. Microsoft released a security update on July 9, 2019 that addresses the vulnerability through a software change that mitigates how the CPU speculatively accesses memory. Note that this vulnerability does not require a microcode update from your device OEM. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6473 |
Title: Windows Kernel Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6473 CVE-2019-0702 |
Severity: Low |
| Description: An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system. The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6573 |
Title: Windows Kernel Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6573 CVE-2019-0844 |
Severity: Low |
| Description: An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system. The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6574 |
Title: Windows Kernel Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6574 CVE-2019-0782 |
Severity: Low |
| Description: An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The security update addresses the vulnerability by correcting how the Windows kernel initializes memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6626 |
Title: Windows Kernel Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6626 CVE-2019-0840 |
Severity: Low |
| Description: An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system. The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6651 |
Title: Windows Kernel Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6651 CVE-2019-0663 |
Severity: Low |
| Description: An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. The update addresses the vulnerability by correcting how the Windows kernel initializes objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6541 |
Title: Windows Kernel Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6541 CVE-2019-1164 |
Severity: High |
| Description: An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application to take control of an affected system. The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6545 |
Title: Windows Kernel Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6545 CVE-2019-1159 |
Severity: High |
| Description: An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application to take control of an affected system. The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6696 |
Title: Windows Kernel Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6696 CVE-2019-1067 |
Severity: High |
| Description: An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application to take control of an affected system. The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6662 |
Title: Windows Kernel Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6662 CVE-2019-1065 |
Severity: High |
| Description: An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application to take control of an affected system. The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6478 |
Title: Windows Kernel Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6478 CVE-2019-0696 |
Severity: High |
| Description: An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application to take control of an affected system. The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6602 |
Title: Windows Kernel Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6602 CVE-2019-0881 |
Severity: High |
| Description: An elevation of privilege vulnerability exists when the Windows Kernel improperly handles key enumeration. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system. A locally authenticated attacker could exploit this vulnerability by running a specially crafted application. The security update addresses the vulnerability by helping to ensure that the Windows Kernel properly handles key enumeration. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6660 |
Title: Windows Kernel Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6660 CVE-2019-1041 |
Severity: High |
| Description: An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application to take control of an affected system. The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6652 |
Title: Windows IOleCvt Interface Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6652 CVE-2019-0845 |
Severity: High |
| Description: A remote code execution vulnerability exists when the IOleCvt interface renders ASP webpage content. An attacker who successfully exploited the vulnerability could run malicious code remotely to take control of the user’s system. In a web-based attack scenario, an attacker could host a specially crafted website designed to exploit the vulnerability through Microsoft browsers and then convince a user to view the website. An attacker could also embed an ActiveX control marked "safe for initialization" in an application or Microsoft Office document that hosts the browser rendering engine. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The update addresses the vulnerability by correcting methods exposed when the IOleCvt interface is invoked. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6381 |
Title: Windows Installer Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6381 CVE-2019-0973 |
Severity: High |
| Description: An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior. A locally authenticated attacker could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. The security update addresses the vulnerability by correcting the input sanitization error to preclude unintended elevation. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6501 |
Title: Windows Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6501 CVE-2019-1172 |
Severity: Medium |
| Description: An information disclosure vulnerability exists in Azure Active Directory (AAD) Microsoft Account (MSA) during the login request session. An attacker who successfully exploited the vulnerability could take over a user's account. To exploit the vulnerability, an attacker would have to trick a user into browsing to a specially crafted website, allowing the attacker to steal the user's token. The security update addresses the vulnerability by correcting how MSA handles cookies. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6400 |
Title: Windows Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6400 CVE-2019-0839 |
Severity: Low |
| Description: An information disclosure vulnerability exists when the Terminal Services component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The update addresses the vulnerability by correcting how the Terminal Services component handle objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6597 |
Title: Windows Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6597 CVE-2019-0838 |
Severity: Low |
| Description: An information disclosure vulnerability exists when Windows Task Scheduler improperly discloses credentials to Windows Credential Manager. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability. The security update addresses the vulnerability by changing how Task Scheduler handles credentials. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6487 |
Title: Windows Imaging API Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6487 CVE-2019-1311 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Imaging API improperly handles objects in memory. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user. To exploit the vulnerability, an attacker would have to convince a user to open a specially crafted .WIM file. The update addresses the vulnerability by modifying how the WIM service handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6539 |
Title: Windows Image Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6539 CVE-2019-1190 |
Severity: High |
| Description: An elevation of privilege vulnerability exists in the way that the Windows kernel image handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application. The security update addresses the vulnerability by ensuring the Windows kernel image properly handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6405 |
Title: Windows Hyper-V Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6405 CVE-2019-0709 |
Severity: High |
| Description: A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause the Hyper-V host operating system to execute arbitrary code. An attacker who successfully exploited the vulnerability could execute arbitrary code on the host operating system. The security update addresses the vulnerability by correcting how Hyper-V validates guest operating system user input. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6439 |
Title: Windows Hyper-V Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6439 CVE-2019-0620 |
Severity: High |
| Description: A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause the Hyper-V host operating system to execute arbitrary code. An attacker who successfully exploited the vulnerability could execute arbitrary code on the host operating system. The security update addresses the vulnerability by correcting how Hyper-V validates guest operating system user input. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6440 |
Title: Windows Hyper-V Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6440 CVE-2019-0722 |
Severity: High |
| Description: A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause the Hyper-V host operating system to execute arbitrary code. An attacker who successfully exploited the vulnerability could execute arbitrary code on the host operating system. The security update addresses the vulnerability by correcting how Hyper-V validates guest operating system user input. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6615 |
Title: Windows Hyper-V Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6615 CVE-2019-0965 |
Severity: High |
| Description: A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause the Hyper-V host operating system to execute arbitrary code. An attacker who successfully exploited the vulnerability could execute arbitrary code on the host operating system. The security update addresses the vulnerability by correcting how Hyper-V validates guest operating system user input. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6517 |
Title: Windows Hyper-V Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6517 CVE-2019-1254 |
Severity: Low |
| Description: An information disclosure vulnerability exists when Windows Hyper-V writes uninitialized memory to disk. An attacker could exploit the vulnerability by reading a file to recover kernel memory. To exploit the vulnerability, an attacker would first require access to a Hyper-V host. The security update addresses the vulnerability by ensuring Hyper-V properly initializes memory before writing it to disk. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6677 |
Title: Windows Hyper-V Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6677 CVE-2019-0886 |
Severity: Low |
| Description: An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker on a guest operating system could run a specially crafted application that could cause the Hyper-V host operating system to disclose memory information. An attacker who successfully exploited the vulnerability could gain access to information on the Hyper-V host operating system. The security update addresses the vulnerability by correcting how Hyper-V validates guest operating system user input. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6590 |
Title: Windows Hyper-V Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6590 CVE-2019-0695 |
Severity: Medium |
| Description: An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker on a guest operating system could run a specially crafted application that could cause the Hyper-V host operating system to disclose memory information. An attacker who successfully exploited the vulnerability could gain access to information on the Hyper-V host operating system. The security update addresses the vulnerability by correcting how Hyper-V validates guest operating system user input. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6494 |
Title: Windows Hyper-V Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:6494 CVE-2019-0701 |
Severity: Medium |
| Description: A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application that causes a host machine to crash. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application. The security update addresses the vulnerability by resolving a number of conditions where Hyper-V would fail to prevent a guest operating system from sending malicious requests. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6480 |
Title: Windows Hyper-V Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:6480 CVE-2019-0717 |
Severity: Medium |
| Description: A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application that causes a host machine to crash. The update addresses the vulnerability by modifying how virtual machines access the Hyper-V Network Switch. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6515 |
Title: Windows Hyper-V Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:6515 CVE-2019-0690 |
Severity: Medium |
| Description: A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application that causes a host machine to crash. The update addresses the vulnerability by modifying how virtual machines access the Hyper-V Network Switch. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6531 |
Title: Windows Hyper-V Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:6531 CVE-2019-0718 |
Severity: Medium |
| Description: A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application that causes a host machine to crash. The update addresses the vulnerability by modifying how virtual machines access the Hyper-V Network Switch. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6543 |
Title: Windows Hyper-V Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:6543 CVE-2019-0966 |
Severity: Medium |
| Description: A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application that causes a host machine to crash. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application. The security update addresses the vulnerability by resolving a number of conditions where Hyper-V would fail to prevent a guest operating system from sending malicious requests. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6666 |
Title: Windows Hyper-V Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:6666 CVE-2019-0713 |
Severity: Medium |
| Description: A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application that causes a host machine to crash. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application. The security update addresses the vulnerability by resolving a number of conditions where Hyper-V would fail to prevent a guest operating system from sending malicious requests. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6436 |
Title: Windows Hyper-V Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:6436 CVE-2019-0710 |
Severity: Medium |
| Description: A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application that causes a host machine to crash. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application. The security update addresses the vulnerability by resolving a number of conditions where Hyper-V would fail to prevent a guest operating system from sending malicious requests. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6458 |
Title: Windows Hyper-V Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:6458 CVE-2019-0714 |
Severity: Medium |
| Description: A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application that causes a host machine to crash. The update addresses the vulnerability by modifying how virtual machines access the Hyper-V Network Switch. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6606 |
Title: Windows Hyper-V Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:6606 CVE-2019-0723 |
Severity: Medium |
| Description: A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application that causes a host machine to crash. The update addresses the vulnerability by modifying how virtual machines access the Hyper-V Network Switch. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6571 |
Title: Windows Hyper-V Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:6571 CVE-2019-0715 |
Severity: Medium |
| Description: A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application that causes a host machine to crash. The update addresses the vulnerability by modifying how virtual machines access the Hyper-V Network Switch. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6625 |
Title: Windows Hyper-V Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:6625 CVE-2019-0928 |
Severity: Medium |
| Description: A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application that causes a host machine to crash. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application. The security update addresses the vulnerability by resolving a number of conditions where Hyper-V would fail to prevent a guest operating system from sending malicious requests. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6636 |
Title: Windows Hyper-V Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:6636 CVE-2019-0711 |
Severity: Medium |
| Description: A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application that causes a host machine to crash. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application. The security update addresses the vulnerability by resolving a number of conditions where Hyper-V would fail to prevent a guest operating system from sending malicious requests. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6486 |
Title: Windows Graphics Component Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6486 CVE-2019-1143 |
Severity: Low |
| Description: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document or by convincing a user to visit an untrusted webpage. The update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6444 |
Title: Windows Graphics Component Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6444 CVE-2019-1154 |
Severity: Low |
| Description: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document or by convincing a user to visit an untrusted webpage. The update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6658 |
Title: Windows Graphics Component Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6658 CVE-2019-1158 |
Severity: Low |
| Description: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document or by convincing a user to visit an untrusted webpage. The update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6481 |
Title: Windows GDI Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6481 CVE-2019-1286 |
Severity: Medium |
| Description: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6511 |
Title: Windows GDI Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6511 CVE-2019-0849 |
Severity: Medium |
| Description: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6532 |
Title: Windows GDI Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6532 CVE-2019-1013 |
Severity: Medium |
| Description: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6546 |
Title: Windows GDI Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6546 CVE-2019-1116 |
Severity: Medium |
| Description: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6548 |
Title: Windows GDI Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6548 CVE-2019-1016 |
Severity: Medium |
| Description: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6557 |
Title: Windows GDI Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6557 CVE-2019-0977 |
Severity: Medium |
| Description: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6693 |
Title: Windows GDI Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6693 CVE-2019-1012 |
Severity: Medium |
| Description: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6342 |
Title: Windows GDI Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6342 CVE-2019-0968 |
Severity: Medium |
| Description: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6343 |
Title: Windows GDI Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6343 CVE-2019-0882 |
Severity: Medium |
| Description: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6347 |
Title: Windows GDI Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6347 CVE-2019-0802 |
Severity: Medium |
| Description: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6348 |
Title: Windows GDI Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6348 CVE-2019-1363 |
Severity: Low |
| Description: An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system. By itself, the information disclosure does not allow arbitrary code execution; however, it could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The security update addresses the vulnerability by correcting how GDI handles memory addresses. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6358 |
Title: Windows GDI Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6358 CVE-2019-1094 |
Severity: Medium |
| Description: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6360 |
Title: Windows GDI Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6360 CVE-2019-1098 |
Severity: Medium |
| Description: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6370 |
Title: Windows GDI Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6370 CVE-2019-1047 |
Severity: Medium |
| Description: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6371 |
Title: Windows GDI Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6371 CVE-2019-0614 |
Severity: Medium |
| Description: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6377 |
Title: Windows GDI Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6377 CVE-2019-0961 |
Severity: Medium |
| Description: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6383 |
Title: Windows GDI Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6383 CVE-2019-1009 |
Severity: Medium |
| Description: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6661 |
Title: Windows GDI Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6661 CVE-2019-1099 |
Severity: Medium |
| Description: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6678 |
Title: Windows GDI Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6678 CVE-2019-1015 |
Severity: Medium |
| Description: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6399 |
Title: Windows GDI Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6399 CVE-2019-1010 |
Severity: Medium |
| Description: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6394 |
Title: Windows GDI Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6394 CVE-2019-1048 |
Severity: Medium |
| Description: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6419 |
Title: Windows GDI Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6419 CVE-2019-1101 |
Severity: Medium |
| Description: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6427 |
Title: Windows GDI Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6427 CVE-2019-1095 |
Severity: Medium |
| Description: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6446 |
Title: Windows GDI Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6446 CVE-2019-1011 |
Severity: Medium |
| Description: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6467 |
Title: Windows GDI Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6467 CVE-2019-1252 |
Severity: Medium |
| Description: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6476 |
Title: Windows GDI Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6476 CVE-2019-1046 |
Severity: Medium |
| Description: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6604 |
Title: Windows GDI Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6604 CVE-2019-1050 |
Severity: Medium |
| Description: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6579 |
Title: Windows GDI Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6579 CVE-2019-0774 |
Severity: Medium |
| Description: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6585 |
Title: Windows GDI Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6585 CVE-2019-1100 |
Severity: Medium |
| Description: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6598 |
Title: Windows GDI Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6598 CVE-2019-0758 |
Severity: Medium |
| Description: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6601 |
Title: Windows GDI Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6601 CVE-2019-1049 |
Severity: Medium |
| Description: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6475 |
Title: Windows File Signature Security Feature Bypass Vulnerability |
Type: Software |
Bulletins:
CISEC:6475 CVE-2019-1163 |
Severity: Medium |
| Description: A security feature bypass exists when Windows incorrectly validates CAB file signatures. An attacker who successfully exploited this vulnerability could inject code into a CAB file without invalidating the file's signature. To exploit the vulnerability, an attacker could modify a signed CAB file and inject malicious code. The attacker could then convince a target user to execute the file. The update addresses the vulnerability by correcting how Windows validates file signatures. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6685 |
Title: Windows Event Viewer Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6685 CVE-2019-0948 |
Severity: Medium |
| Description: An information disclosure vulnerability exists in the Windows Event Viewer (eventvwr.msc) when it improperly parses XML input containing a reference to an external entity. An attacker who successfully exploited this vulnerability could read arbitrary files via an XML external entity (XXE) declaration. To exploit the vulnerability, an attacker could create a file containing specially crafted XML content and convince an authenticated user to import the file. The update addresses the vulnerability by modifying the way that the Event Viewer parses XML input. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6484 |
Title: Windows Error Reporting Manager Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6484 CVE-2019-1315 |
Severity: High |
| Description: An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles hard links. An attacker who successfully exploited this vulnerability could overwrite a targeted file leading to an elevated status. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The security update addresses the vulnerability by correcting how Windows Error Reporting manager handles hard links. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6376 |
Title: Windows Error Reporting Manager Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6376 CVE-2019-1342 |
Severity: High |
| Description: An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles a process crash. An attacker who successfully exploited this vulnerability could delete a targeted file leading to an elevated status. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The security update addresses the vulnerability by correcting how Windows Error Reporting manager handles process crashes. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6397 |
Title: Windows Error Reporting Manager Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6397 CVE-2019-1339 |
Severity: High |
| Description: An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles hard links. An attacker who successfully exploited this vulnerability could overwrite a targeted file leading to an elevated status. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The security update addresses the vulnerability by correcting how Windows Error Reporting manager handles hard links. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6550 |
Title: Windows Error Reporting Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6550 CVE-2019-1319 |
Severity: High |
| Description: An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files. The vulnerability could allow elevation of privilege if an attacker can successfully exploit it. An attacker who successfully exploited the vulnerability could gain greater access to sensitive information and system functionality. To exploit the vulnerability, an attacker could run a specially crafted application. The security update addresses the vulnerability by correcting the way that WER handles and executes files. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6412 |
Title: Windows Error Reporting Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6412 CVE-2019-0863 |
Severity: High |
| Description: An elevation of privilege vulnerability exists in the way Windows Error Reporting (WER) handles files. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with administrator privileges. To exploit the vulnerability, an attacker must first gain unprivileged execution on a victim system. The security update addresses the vulnerability by correcting the way WER handles files. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6420 |
Title: Windows Error Reporting Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6420 CVE-2019-1037 |
Severity: Medium |
| Description: An elevation of privilege vulnerability exists in the way Windows Error Reporting (WER) handles files. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with administrator privileges. To exploit the vulnerability, an attacker must first gain unprivileged execution on a victim system. The security update addresses the vulnerability by correcting the way WER handles files. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6492 |
Title: Windows Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6492 CVE-2019-1253 |
Severity: High |
| Description: An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles junctions. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges. The security update addresses the vulnerability by correcting how AppX Deployment Server handles junctions. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6485 |
Title: Windows Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6485 CVE-2019-1180 |
Severity: Medium |
| Description: An elevation of privilege vulnerability exists in the way that the wcmsvc.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application. The security update addresses the vulnerability by ensuring the wcmsvc.dll properly handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6504 |
Title: Windows Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6504 CVE-2019-0805 |
Severity: Medium |
| Description: An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys). An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control over an affected system. The update addresses the vulnerability by correcting how Windows handles calls to LUAFV. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6525 |
Title: Windows Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6525 CVE-2019-0836 |
Severity: Medium |
| Description: An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys). An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control over an affected system. The update addresses the vulnerability by correcting how Windows handles calls to LUAFV. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6535 |
Title: Windows Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6535 CVE-2019-0796 |
Severity: Low |
| Description: An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys). An attacker who successfully exploited this vulnerability could set the short name of a file with a long name to an arbitrary short name, overriding the file system with limited privileges. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability. The update addresses the vulnerability by correcting how Windows handles calls to LUAFV. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6552 |
Title: Windows Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6552 CVE-2019-1292 |
Severity: Medium |
| Description: An elevation of privilege vulnerability exists in Microsoft Windows when Windows fails to properly handle certain symbolic links. An attacker who successfully exploited this vulnerability could potentially set certain items to run at a higher level and thereby elevate permissions. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting how the Windows handles symbolic links. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6563 |
Title: Windows Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6563 CVE-2019-1184 |
Severity: High |
| Description: An elevation of privilege vulnerability exists when Windows Core Shell COM Server Registrar improperly handles COM calls. An attacker who successfully exploited this vulnerability could potentially set certain items to run at a higher level and thereby elevate permissions. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting unprotected COM calls. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6568 |
Title: Windows Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6568 CVE-2019-1215 |
Severity: High |
| Description: An elevation of privilege vulnerability exists in the way that ws2ifsl.sys (Winsock) handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated privileges. To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application. The security update addresses the vulnerability by ensuring that ws2ifsl.sys properly handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6698 |
Title: Windows Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6698 CVE-2019-0936 |
Severity: High |
| Description: An elevation of privilege vulnerability exists in Microsoft Windows when Windows fails to properly handle certain symbolic links. An attacker who successfully exploited this vulnerability could potentially set certain items to run at a higher level and thereby elevate permissions. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting how the Windows handles symbolic links. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6350 |
Title: Windows Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6350 CVE-2019-1130 |
Severity: High |
| Description: An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The security update addresses the vulnerability by correcting how Windows AppX Deployment Service handles hard links. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6355 |
Title: Windows Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6355 CVE-2019-0734 |
Severity: High |
| Description: An elevation of privilege vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully decode and replace authentication request using Kerberos, allowing an attacker to be validated as an Administrator. The update addresses this vulnerability by changing how these requests are validated. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6422 |
Title: Windows Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6422 CVE-2019-1177 |
Severity: Medium |
| Description: An elevation of privilege vulnerability exists in the way that the rpcss.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application. The security update addresses the vulnerability by ensuring the rpcss.dll properly handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6429 |
Title: Windows Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6429 CVE-2019-1178 |
Severity: Medium |
| Description: An elevation of privilege vulnerability exists in the way that the ssdpsrv.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application. The security update addresses the vulnerability by ensuring the ssdpsrv.dll properly handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6431 |
Title: Windows Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6431 CVE-2019-0730 |
Severity: Medium |
| Description: An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys). An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control over an affected system. The update addresses the vulnerability by correcting how Windows handles calls to LUAFV. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6432 |
Title: Windows Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6432 CVE-2019-1186 |
Severity: Medium |
| Description: An elevation of privilege vulnerability exists in the way that the wcmsvc.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application. The security update addresses the vulnerability by ensuring the wcmsvc.dll properly handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6452 |
Title: Windows Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6452 CVE-2019-1175 |
Severity: Medium |
| Description: An elevation of privilege vulnerability exists in the way that the psmsrv.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application. The security update addresses the vulnerability by ensuring the psmsrv.dll properly handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6462 |
Title: Windows Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6462 CVE-2019-1129 |
Severity: High |
| Description: An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The security update addresses the vulnerability by correcting how Windows AppX Deployment Service handles hard links. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6468 |
Title: Windows Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6468 CVE-2019-1173 |
Severity: Medium |
| Description: An elevation of privilege vulnerability exists in the way that the PsmServiceExtHost.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application. The security update addresses the vulnerability by ensuring the PsmServiceExtHost.dll properly handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6474 |
Title: Windows Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6474 CVE-2019-1064 |
Severity: High |
| Description: An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The security update addresses the vulnerability by correcting how Windows AppX Deployment Service handles hard links. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6582 |
Title: Windows Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6582 CVE-2019-0731 |
Severity: Medium |
| Description: An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys). An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control over an affected system. The update addresses the vulnerability by correcting how Windows handles calls to LUAFV. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6583 |
Title: Windows Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6583 CVE-2019-0841 |
Severity: High |
| Description: An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The security update addresses the vulnerability by correcting how Windows AppX Deployment Service handles hard links. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6612 |
Title: Windows Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6612 CVE-2019-1174 |
Severity: Medium |
| Description: An elevation of privilege vulnerability exists in the way that the PsmServiceExtHost.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application. The security update addresses the vulnerability by ensuring the PsmServiceExtHost.dll properly handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6627 |
Title: Windows Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6627 CVE-2019-1278 |
Severity: Medium |
| Description: An elevation of privilege vulnerability exists in the way that the unistore.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application. The security update addresses the vulnerability by ensuring the unistore.dll properly handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6654 |
Title: Windows Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6654 CVE-2019-1303 |
Severity: High |
| Description: An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles junctions. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges. The security update addresses the vulnerability by correcting how AppX Deployment Server handles junctions. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6655 |
Title: Windows Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6655 CVE-2019-1179 |
Severity: Medium |
| Description: An elevation of privilege vulnerability exists in the way that the unistore.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application. The security update addresses the vulnerability by ensuring the unistore.dll properly handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6407 |
Title: Windows dnsrlvr.dll Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6407 CVE-2019-1090 |
Severity: High |
| Description: An elevation of privilege vulnerability exists in the way that the dnsrslvr.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application. The security update addresses the vulnerability by ensuring the dnsrslvr.dll properly handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6691 |
Title: Windows DNS Server Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:6691 CVE-2019-0811 |
Severity: Medium |
| Description: A denial of service vulnerability exists in Windows DNS Server when it fails to properly handle DNS queries. An attacker who successfully exploited this vulnerability could cause the DNS Server service to become nonresponsive. To exploit the vulnerability, an unauthenticated attacker could send malicious DNS queries to an affected server, resulting in a denial of service. However, the DNS server must be configured to use DNS Analytical Logging for the attack to succeed. The update addresses the vulnerability by correcting how Windows DNS Server processes DNS queries. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6561 |
Title: Windows DHCP Server Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6561 CVE-2019-0785 |
Severity: High |
| Description: A memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP failover server. An attacker who successfully exploited the vulnerability could either run arbitrary code on the DHCP failover server or cause the DHCP service to become nonresponsive. To exploit the vulnerability, an attacker could send a specially crafted packet to a DHCP server. However, the DHCP server must be set to failover mode for the attack to succeed. The security update addresses the vulnerability by correcting how DHCP failover servers handle network packets. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6417 |
Title: Windows DHCP Server Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6417 CVE-2019-1213 |
Severity: High |
| Description: A memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP server. An attacker who successfully exploited the vulnerability could run arbitrary code on the DHCP server. To exploit the vulnerability, an attacker could send a specially crafted packet to a DHCP server. The security update addresses the vulnerability by correcting how DHCP servers handle network packets. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6457 |
Title: Windows DHCP Server Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6457 CVE-2019-0725 |
Severity: High |
| Description: A memory corruption vulnerability exists in the Windows Server DHCP service when processing specially crafted packets. An attacker who successfully exploited the vulnerability could run arbitrary code on the DHCP server. To exploit the vulnerability, a remote unauthenticated attacker could send a specially crafted packet to an affected DHCP server. The security update addresses the vulnerability by correcting how DHCP servers handle network packets. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6521 |
Title: Windows DHCP Server Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:6521 CVE-2019-1206 |
Severity: Medium |
| Description: A memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP failover server. An attacker who successfully exploited the vulnerability could cause the DHCP service to become nonresponsive. To exploit the vulnerability, an attacker could send a specially crafted packet to a DHCP server. However, the DHCP server must be set to failover mode for the attack to succeed. The security update addresses the vulnerability by correcting how DHCP failover servers handle network packets. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6442 |
Title: Windows DHCP Server Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:6442 CVE-2019-1212 |
Severity: High |
| Description: A memory corruption vulnerability exists in the Windows Server DHCP service when processing specially crafted packets. An attacker who successfully exploited the vulnerability could cause the DHCP server service to stop responding. To exploit the vulnerability, a remote unauthenticated attacker could send a specially crafted packet to an affected DHCP server. The security update addresses the vulnerability by correcting how DHCP servers handle network packets. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6522 |
Title: Windows DHCP Client Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6522 CVE-2019-0697 |
Severity: High |
| Description: A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client. An attacker who successfully exploited the vulnerability could run arbitrary code on the client machine. To exploit the vulnerability, an attacker could send specially crafted DHCP responses to a client. The security update addresses the vulnerability by correcting how Windows DHCP clients handle certain DHCP responses. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6361 |
Title: Windows DHCP Client Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6361 CVE-2019-0698 |
Severity: High |
| Description: A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client. An attacker who successfully exploited the vulnerability could run arbitrary code on the client machine. To exploit the vulnerability, an attacker could send specially crafted DHCP responses to a client. The security update addresses the vulnerability by correcting how Windows DHCP clients handle certain DHCP responses. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6384 |
Title: Windows DHCP Client Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6384 CVE-2019-0736 |
Severity: High |
| Description: A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client. An attacker who successfully exploited the vulnerability could run arbitrary code on the client machine. To exploit the vulnerability, an attacker could send specially crafted DHCP responses to a client. The security update addresses the vulnerability by correcting how Windows DHCP clients handle certain DHCP responses. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6593 |
Title: Windows DHCP Client Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6593 CVE-2019-0726 |
Severity: High |
| Description: A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client. An attacker who successfully exploited the vulnerability could run arbitrary code on the client machine. To exploit the vulnerability, an attacker could send specially crafted DHCP responses to a client. The security update addresses the vulnerability by correcting how Windows DHCP clients handle certain DHCP responses. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6368 |
Title: Windows Deployment Services TFTP Server Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6368 CVE-2019-0603 |
Severity: High |
| Description: A remote code execution vulnerability exists in the way that Windows Deployment Services TFTP Server handles objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code with elevated permissions on a target system. To exploit the vulnerability, an attacker could create a specially crafted request, causing Windows to execute arbitrary code with elevated permissions. The security update addresses the vulnerability by correcting how Windows Deployment Services TFTP Server handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6490 |
Title: Windows Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:6490 CVE-2019-0754 |
Severity: Medium |
| Description: A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to cause a target system to stop responding. The update addresses the vulnerability by correcting how Windows handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6530 |
Title: Windows Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:6530 CVE-2019-1346 |
Severity: High |
| Description: A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application or to convince a user to open a specific file on a network share. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to cause a target system to stop responding. The update addresses the vulnerability by correcting how Windows handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6676 |
Title: Windows Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:6676 CVE-2019-1347 |
Severity: High |
| Description: A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application or to convince a user to open a specific file on a network share. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to cause a target system to stop responding. The update addresses the vulnerability by correcting how Windows handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6409 |
Title: Windows Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:6409 CVE-2019-0716 |
Severity: Medium |
| Description: A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to cause a target system to stop responding. The update addresses the vulnerability by correcting how Windows handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6646 |
Title: Windows Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:6646 CVE-2019-1025 |
Severity: High |
| Description: A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application or to convince a user to open a specific file on a network share. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to cause a target system to stop responding. The update addresses the vulnerability by correcting how Windows handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6656 |
Title: Windows Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:6656 CVE-2019-1343 |
Severity: High |
| Description: A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application or to convince a user to open a specific file on a network share. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to cause a target system to stop responding. The update addresses the vulnerability by correcting how Windows handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6586 |
Title: Windows CSRSS Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6586 CVE-2019-0735 |
Severity: High |
| Description: An elevation of privilege vulnerability exists when the Windows Client Server Run-Time Subsystem (CSRSS) fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application to take control of an affected system. The update addresses the vulnerability by correcting how the Windows CSRSS handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6639 |
Title: Windows Common Log File System Driver Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6639 CVE-2019-1282 |
Severity: Low |
| Description: An information disclosure exists in the Windows Common Log File System (CLFS) driver when it fails to properly handle sandbox checks. An attacker who successfully exploited this vulnerability could potentially read data outside their expected limits. To exploit the vulnerability, an attacker would first have to log on to the system, and then run a specially crafted application. The security update addresses the vulnerability by correcting how CLFS handles sandbox checks. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6533 |
Title: Windows Common Log File System Driver Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6533 CVE-2019-0959 |
Severity: High |
| Description: An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. To exploit the vulnerability, an attacker would first have to log on to the system, and then run a specially crafted application to take control over the affected system. The security update addresses the vulnerability by correcting how CLFS handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6682 |
Title: Windows Common Log File System Driver Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6682 CVE-2019-0984 |
Severity: High |
| Description: An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. To exploit the vulnerability, an attacker would first have to log on to the system, and then run a specially crafted application to take control over the affected system. The security update addresses the vulnerability by correcting how CLFS handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6464 |
Title: Windows Common Log File System Driver Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6464 CVE-2019-1214 |
Severity: High |
| Description: An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. To exploit the vulnerability, an attacker would first have to log on to the system, and then run a specially crafted application to take control over the affected system. The security update addresses the vulnerability by correcting how CLFS handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6617 |
Title: Windows Code Integrity Module Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6617 CVE-2019-1344 |
Severity: Low |
| Description: An information disclosure vulnerability exists in the way that the Windows Code Integrity Module handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit the vulnerability, an attacker would have to log on to an affected system and run a specially crafted application or convince a target to run a crafted application. The security update addresses the vulnerability by modifying how the Code Integrity Module handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6488 |
Title: Windows Audio Service Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6488 CVE-2019-1086 |
Severity: Medium |
| Description: An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the vulnerability. This vulnerability by itself does not allow arbitrary code to be run. However, this vulnerability could be used in conjunction with one or more vulnerabilities (e.g. a remote code execution vulnerability and another elevation of privilege) that could take advantage of the elevated privileges when running. The update addresses the vulnerability by correcting how the Windows Audio Service handles processes these requests. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6506 |
Title: Windows Audio Service Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6506 CVE-2019-1022 |
Severity: Medium |
| Description: An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the vulnerability. This vulnerability by itself does not allow arbitrary code to be run. However, this vulnerability could be used in conjunction with one or more vulnerabilities (e.g. a remote code execution vulnerability and another elevation of privilege) that could take advantage of the elevated privileges when running. The update addresses the vulnerability by correcting how the Windows Audio Service handles processes these requests. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6556 |
Title: Windows Audio Service Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6556 CVE-2019-1021 |
Severity: Medium |
| Description: An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the vulnerability. This vulnerability by itself does not allow arbitrary code to be run. However, this vulnerability could be used in conjunction with one or more vulnerabilities (e.g. a remote code execution vulnerability and another elevation of privilege) that could take advantage of the elevated privileges when running. The update addresses the vulnerability by correcting how the Windows Audio Service handles processes these requests. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6672 |
Title: Windows Audio Service Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6672 CVE-2019-1087 |
Severity: Medium |
| Description: An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the vulnerability. This vulnerability by itself does not allow arbitrary code to be run. However, this vulnerability could be used in conjunction with one or more vulnerabilities (e.g. a remote code execution vulnerability and another elevation of privilege) that could take advantage of the elevated privileges when running. The update addresses the vulnerability by correcting how the Windows Audio Service handles processes these requests. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6438 |
Title: Windows Audio Service Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6438 CVE-2019-1027 |
Severity: Medium |
| Description: An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the vulnerability. This vulnerability by itself does not allow arbitrary code to be run. However, this vulnerability could be used in conjunction with one or more vulnerabilities (e.g. a remote code execution vulnerability and another elevation of privilege) that could take advantage of the elevated privileges when running. The update addresses the vulnerability by correcting how the Windows Audio Service handles processes these requests. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6471 |
Title: Windows Audio Service Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6471 CVE-2019-1277 |
Severity: Medium |
| Description: An elevation of privilege vulnerability exists in Windows Audio Service when a malformed parameter is processed. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges when used in conjunction with another vulnerability. To exploit the vulnerability, an attacker could run a specially crafted application locally. This vulnerability by itself does not allow arbitrary code to be run. However, this vulnerability could be used in conjunction with one or more vulnerabilities (e.g. a remote code execution vulnerability and another elevation of privilege) that could take advantage of the elevated privileges when running. The update addresses the vulnerability by correcting how the Windows Audio Service handles these parameters. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6589 |
Title: Windows Audio Service Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6589 CVE-2019-1088 |
Severity: Medium |
| Description: An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the vulnerability. This vulnerability by itself does not allow arbitrary code to be run. However, this vulnerability could be used in conjunction with one or more vulnerabilities (e.g. a remote code execution vulnerability and another elevation of privilege) that could take advantage of the elevated privileges when running. The update addresses the vulnerability by correcting how the Windows Audio Service handles processes these requests. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6592 |
Title: Windows Audio Service Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6592 CVE-2019-1026 |
Severity: Medium |
| Description: An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the vulnerability. This vulnerability by itself does not allow arbitrary code to be run. However, this vulnerability could be used in conjunction with one or more vulnerabilities (e.g. a remote code execution vulnerability and another elevation of privilege) that could take advantage of the elevated privileges when running. The update addresses the vulnerability by correcting how the Windows Audio Service handles processes these requests. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6596 |
Title: Windows Audio Service Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6596 CVE-2019-1007 |
Severity: Medium |
| Description: An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the vulnerability. This vulnerability by itself does not allow arbitrary code to be run. However, this vulnerability could be used in conjunction with one or more vulnerabilities (e.g. a remote code execution vulnerability and another elevation of privilege) that could take advantage of the elevated privileges when running. The update addresses the vulnerability by correcting how the Windows Audio Service handles processes these requests. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6616 |
Title: Windows Audio Service Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6616 CVE-2019-1028 |
Severity: Medium |
| Description: An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the vulnerability. This vulnerability by itself does not allow arbitrary code to be run. However, this vulnerability could be used in conjunction with one or more vulnerabilities (e.g. a remote code execution vulnerability and another elevation of privilege) that could take advantage of the elevated privileges when running. The update addresses the vulnerability by correcting how the Windows Audio Service handles processes these requests. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6495 |
Title: Windows ALPC Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6495 CVE-2019-1269 |
Severity: High |
| Description: An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC). An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control over an affected system. The update addresses the vulnerability by correcting how Windows handles calls to ALPC. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6472 |
Title: Windows ALPC Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6472 CVE-2019-1162 |
Severity: High |
| Description: An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC). An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control over an affected system. The update addresses the vulnerability by correcting how Windows handles calls to ALPC. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6584 |
Title: Windows ALPC Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6584 CVE-2019-1272 |
Severity: High |
| Description: An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC). An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control over an affected system. The update addresses the vulnerability by correcting how Windows handles calls to ALPC. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6650 |
Title: Windows ALPC Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6650 CVE-2019-0943 |
Severity: High |
| Description: An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC). An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control over an affected system. The update addresses the vulnerability by correcting how Windows handles calls to ALPC. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6387 |
Title: Windows ActiveX Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6387 CVE-2019-0784 |
Severity: High |
| Description: A remote code execution vulnerability exists in the way that the ActiveX Data objects (ADO) handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. An attacker could also embed an ActiveX control marked "safe for initialization" in an application or Microsoft Office document that hosts the IE rendering engine. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how the ActiveX Data objects handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6500 |
Title: Win32k Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6500 CVE-2019-0814 |
Severity: Low |
| Description: An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The security update addresses the vulnerability by correcting how win32k handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6518 |
Title: Win32k Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6518 CVE-2019-1096 |
Severity: Low |
| Description: An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The security update addresses the vulnerability by correcting how win32k handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6372 |
Title: Win32k Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6372 CVE-2019-0848 |
Severity: Low |
| Description: An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The security update addresses the vulnerability by correcting how win32k handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6603 |
Title: Win32k Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6603 CVE-2019-0776 |
Severity: Low |
| Description: An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit the vulnerability, an attacker would have to either log on locally to an affected system, or convince a locally authenticated user to execute a specially crafted application. The security update addresses the vulnerability by correcting how win32k handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6498 |
Title: Win32k Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6498 CVE-2019-0685 |
Severity: High |
| Description: An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting how Win32k handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6537 |
Title: Win32k Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6537 CVE-2019-0797 |
Severity: High |
| Description: An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting how Win32k handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6544 |
Title: Win32k Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6544 CVE-2019-0859 |
Severity: High |
| Description: An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting how Win32k handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6547 |
Title: Win32k Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6547 CVE-2019-0892 |
Severity: High |
| Description: An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting how Win32k handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6369 |
Title: Win32k Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6369 CVE-2019-1256 |
Severity: High |
| Description: An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting how Win32k handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6388 |
Title: Win32k Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6388 CVE-2019-1017 |
Severity: High |
| Description: An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting how Win32k handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6663 |
Title: Win32k Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6663 CVE-2019-0803 |
Severity: High |
| Description: An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting how Win32k handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6683 |
Title: Win32k Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6683 CVE-2019-1285 |
Severity: High |
| Description: An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting how Win32k handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6396 |
Title: Win32k Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6396 CVE-2019-1362 |
Severity: High |
| Description: An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting how the Windows kernel-mode driver handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6390 |
Title: Win32k Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6390 CVE-2019-1364 |
Severity: High |
| Description: An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting how the Windows kernel-mode driver handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6428 |
Title: Win32k Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6428 CVE-2019-1169 |
Severity: High |
| Description: An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting how the Windows kernel-mode driver handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6461 |
Title: Win32k Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6461 CVE-2019-1132 |
Severity: High |
| Description: An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting how Win32k handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6594 |
Title: Win32k Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6594 CVE-2019-0960 |
Severity: High |
| Description: An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting how Win32k handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6618 |
Title: Win32k Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6618 CVE-2019-0808 |
Severity: High |
| Description: An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting how Win32k handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6624 |
Title: Win32k Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6624 CVE-2019-1014 |
Severity: High |
| Description: An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting how Win32k handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6332 |
Title: VBScript Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6332 CVE-2019-1238 |
Severity: High |
| Description: A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. | ||||
| Applies to: Microsoft Internet Explorer 11 |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6327 |
Title: VBScript Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6327 CVE-2019-1239 |
Severity: High |
| Description: A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. | ||||
| Applies to: Microsoft Internet Explorer 11 |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6344 |
Title: Unified Write Filter Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6344 CVE-2019-0942 |
Severity: Low |
| Description: An elevation of privilege vulnerability exists in the Unified Write Filter (UWF) feature for Windows 10 when it improperly restricts access to the registry. An attacker who successfully exploited the vulnerability could make changes to the registry keys protected by UWF without having administrator privileges. To exploit the vulnerability, an attacker would have to log on to an affected system utilizing UWF and access the registry editor. The security update addresses the vulnerability by correcting how the Unified Write Filter verifies privileges when accessing the registry. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6680 |
Title: Task Scheduler Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6680 CVE-2019-1069 |
Severity: High |
| Description: An elevation of privilege vulnerability exists in the way the Task Scheduler Service validates certain file operations. An attacker who successfully exploited the vulnerability could gain elevated privileges on a victim system. To exploit the vulnerability, an attacker would require unprivileged code execution on a victim system. The security update addresses the vulnerability by correctly validating file operations. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6634 |
Title: SymCrypt Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6634 CVE-2019-1171 |
Severity: Low |
| Description: An information disclosure vulnerability exists in SymCrypt during the OAEP decryption stage. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system. The update addresses the vulnerability through a software change to the OAEP decoding operations. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6395 |
Title: SymCrypt Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:6395 CVE-2019-0865 |
Severity: Medium |
| Description: A denial of service vulnerability exists when SymCrypt improperly handles a specially crafted digital signature. An attacker could exploit the vulnerability by creating a specially crafted connection or message. The security update addresses the vulnerability by correcting the way SymCrypt handles digital signatures. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6512 |
Title: Remote Desktop Services Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6512 CVE-2019-1182 |
Severity: High |
| Description: A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would need to send a specially crafted request to the target systems Remote Desktop Service via RDP. The update addresses the vulnerability by correcting how Remote Desktop Services handles connection requests. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6671 |
Title: Remote Desktop Services Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6671 CVE-2019-0708 |
Severity: High |
| Description: A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would need to send a specially crafted request to the target systems Remote Desktop Service via RDP. The update addresses the vulnerability by correcting how Remote Desktop Services handles connection requests. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6674 |
Title: Remote Desktop Services Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6674 CVE-2019-1181 |
Severity: High |
| Description: A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would need to send a specially crafted request to the target systems Remote Desktop Service via RDP. The update addresses the vulnerability by correcting how Remote Desktop Services handles connection requests. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6435 |
Title: Remote Desktop Services Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6435 CVE-2019-1226 |
Severity: High |
| Description: A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would need to send a specially crafted request to the target systems Remote Desktop Service via RDP. The update addresses the vulnerability by correcting how Remote Desktop Services handles connection requests. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6572 |
Title: Remote Desktop Services Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6572 CVE-2019-1222 |
Severity: High |
| Description: A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would need to send a specially crafted request to the target systems Remote Desktop Service via RDP. The update addresses the vulnerability by correcting how Remote Desktop Services handles connection requests. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6580 |
Title: Remote Desktop Services Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6580 CVE-2019-0887 |
Severity: High |
| Description: A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an authenticated attacker abuses clipboard redirection. An attacker who successfully exploited this vulnerability could execute arbitrary code on the victim system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker must already have compromised a system running Remote Desktop Services, and then wait for a victim system to connect to Remote Desktop Services. The update addresses the vulnerability by correcting how Remote Desktop Services handles clipboard redirection. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6441 |
Title: Remote Desktop Protocol Server Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6441 CVE-2019-1224 |
Severity: Medium |
| Description: An information disclosure vulnerability exists when the Windows RDP server improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the system. To exploit this vulnerability, an attacker would have to connect remotely to an affected system and run a specially crafted application. The security update addresses the vulnerability by correcting how the Windows RDP server initializes memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6642 |
Title: Remote Desktop Protocol Server Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6642 CVE-2019-1225 |
Severity: Medium |
| Description: An information disclosure vulnerability exists when the Windows RDP server improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the system. To exploit this vulnerability, an attacker would have to connect remotely to an affected system and run a specially crafted application. The security update addresses the vulnerability by correcting how the Windows RDP server initializes memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6577 |
Title: Remote Desktop Protocol Client Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6577 CVE-2019-1108 |
Severity: Medium |
| Description: An information disclosure vulnerability exists when the Windows RDP client improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to connect remotely to an affected system and run a specially crafted application. The security update addresses the vulnerability by correcting how the Windows RDP client initializes memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6378 |
Title: Remote Desktop Client Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6378 CVE-2019-1291 |
Severity: High |
| Description: A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server. An attacker who successfully exploited this vulnerability could execute arbitrary code on the computer of the connecting client. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would need to have control of a server and then convince a user to connect to it. An attacker would have no way of forcing a user to connect to the malicious server, they would need to trick the user into connecting via social engineering, DNS poisoning or using a Man in the Middle (MITM) technique. An attacker could also compromise a legitimate server, host malicious code on it, and wait for the user to connect. The update addresses the vulnerability by correcting how the Windows Remote Desktop Client handles connection requests. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6690 |
Title: Remote Desktop Client Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6690 CVE-2019-0788 |
Severity: High |
| Description: A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server. An attacker who successfully exploited this vulnerability could execute arbitrary code on the computer of the connecting client. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would need to have control of a server and then convince a user to connect to it. An attacker would have no way of forcing a user to connect to the malicious server, they would need to trick the user into connecting via social engineering, DNS poisoning or using a Man in the Middle (MITM) technique. An attacker could also compromise a legitimate server, host malicious code on it, and wait for the user to connect. The update addresses the vulnerability by correcting how the Windows Remote Desktop Client handles connection requests. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6595 |
Title: Remote Desktop Client Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6595 CVE-2019-0787 |
Severity: High |
| Description: A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server. An attacker who successfully exploited this vulnerability could execute arbitrary code on the computer of the connecting client. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would need to have control of a server and then convince a user to connect to it. An attacker would have no way of forcing a user to connect to the malicious server, they would need to trick the user into connecting via social engineering, DNS poisoning or using a Man in the Middle (MITM) technique. An attacker could also compromise a legitimate server, host malicious code on it, and wait for the user to connect. The update addresses the vulnerability by correcting how the Windows Remote Desktop Client handles connection requests. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6628 |
Title: Remote Desktop Client Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6628 CVE-2019-1333 |
Severity: High |
| Description: A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server. An attacker who successfully exploited this vulnerability could execute arbitrary code on the computer of the connecting client. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would need to have control of a server and then convince a user to connect to it. An attacker would have no way of forcing a user to connect to the malicious server, they would need to trick the user into connecting via social engineering, DNS poisoning or using a Man in the Middle (MITM) technique. An attacker could also compromise a legitimate server, host malicious code on it, and wait for the user to connect. The update addresses the vulnerability by correcting how the Windows Remote Desktop Client handles connection requests. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6643 |
Title: Remote Desktop Client Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6643 CVE-2019-1290 |
Severity: High |
| Description: A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server. An attacker who successfully exploited this vulnerability could execute arbitrary code on the computer of the connecting client. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would need to have control of a server and then convince a user to connect to it. An attacker would have no way of forcing a user to connect to the malicious server, they would need to trick the user into connecting via social engineering, DNS poisoning or using a Man in the Middle (MITM) technique. An attacker could also compromise a legitimate server, host malicious code on it, and wait for the user to connect. The update addresses the vulnerability by correcting how the Windows Remote Desktop Client handles connection requests. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6367 |
Title: OLE Automation Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6367 CVE-2019-0794 |
Severity: High |
| Description: A remote code execution vulnerability exists when OLE automation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could gain execution on the victim system. To exploit the vulnerability, an attacker could host a specially crafted website designed to invoke OLE automation through a web browser. However, an attacker would have to entice a user to visit such a website. The update addresses the vulnerability by correcting how OLE automation handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6493 |
Title: MS XML Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6493 CVE-2019-0795 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input. An attacker who successfully exploited the vulnerability could run malicious code remotely to take control of the user’s system. To exploit the vulnerability, an attacker could host a specially crafted website designed to invoke MSXML through a web browser. However, an attacker would have no way to force a user to visit such a website. Instead, an attacker would typically have to convince a user to either click a link in an email message or instant message that would then take the user to the website. When Internet Explorer parses the XML content, an attacker could run malicious code remotely to take control of the user’s system. The update addresses the vulnerability by correcting how the MSXML parser processes user input. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6527 |
Title: MS XML Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6527 CVE-2019-0756 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input. An attacker who successfully exploited the vulnerability could run malicious code remotely to take control of the user’s system. To exploit the vulnerability, an attacker could host a specially crafted website designed to invoke MSXML through a web browser. However, an attacker would have no way to force a user to visit such a website. Instead, an attacker would typically have to convince a user to either click a link in an email message or instant message that would then take the user to the website. When Internet Explorer parses the XML content, an attacker could run malicious code remotely to take control of the user’s system. The update addresses the vulnerability by correcting how the MSXML parser processes user input. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6694 |
Title: MS XML Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6694 CVE-2019-0792 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input. An attacker who successfully exploited the vulnerability could run malicious code remotely to take control of the user’s system. To exploit the vulnerability, an attacker could host a specially crafted website designed to invoke MSXML through a web browser. However, an attacker would have no way to force a user to visit such a website. Instead, an attacker would typically have to convince a user to either click a link in an email message or instant message that would then take the user to the website. When Internet Explorer parses the XML content, an attacker could run malicious code remotely to take control of the user’s system. The update addresses the vulnerability by correcting how the MSXML parser processes user input. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6665 |
Title: MS XML Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6665 CVE-2019-1057 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input. An attacker who successfully exploited the vulnerability could run malicious code remotely to take control of the user’s system. To exploit the vulnerability, an attacker could host a specially crafted website designed to invoke MSXML through a web browser. However, an attacker would have no way to force a user to visit such a website. Instead, an attacker would typically have to convince a user to either click a link in an email message or instant message that would then take the user to the website. When Internet Explorer parses the XML content, an attacker could run malicious code remotely to take control of the user’s system. The update addresses the vulnerability by correcting how the MSXML parser processes user input. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6668 |
Title: MS XML Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6668 CVE-2019-0793 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input. An attacker who successfully exploited the vulnerability could run malicious code remotely to take control of the user’s system. To exploit the vulnerability, an attacker could host a specially crafted website designed to invoke MSXML through a web browser. However, an attacker would have no way to force a user to visit such a website. Instead, an attacker would typically have to convince a user to either click a link in an email message or instant message that would then take the user to the website. When Internet Explorer parses the XML content, an attacker could run malicious code remotely to take control of the user’s system. The update addresses the vulnerability by correcting how the MSXML parser processes user input. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6411 |
Title: MS XML Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6411 CVE-2019-0790 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input. An attacker who successfully exploited the vulnerability could run malicious code remotely to take control of the user’s system. To exploit the vulnerability, an attacker could host a specially crafted website designed to invoke MSXML through a web browser. However, an attacker would have no way to force a user to visit such a website. Instead, an attacker would typically have to convince a user to either click a link in an email message or instant message that would then take the user to the website. When Internet Explorer parses the XML content, an attacker could run malicious code remotely to take control of the user’s system. The update addresses the vulnerability by correcting how the MSXML parser processes user input. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6469 |
Title: MS XML Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6469 CVE-2019-1060 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input. An attacker who successfully exploited the vulnerability could run malicious code remotely to take control of the user’s system. To exploit the vulnerability, an attacker could host a specially crafted website designed to invoke MSXML through a web browser. However, an attacker would have no way to force a user to visit such a website. Instead, an attacker would typically have to convince a user to either click a link in an email message or instant message that would then take the user to the website. When Internet Explorer parses the XML content, an attacker could run malicious code remotely to take control of the user’s system. The update addresses the vulnerability by correcting how the MSXML parser processes user input. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6576 |
Title: MS XML Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6576 CVE-2019-0791 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input. An attacker who successfully exploited the vulnerability could run malicious code remotely to take control of the user’s system. To exploit the vulnerability, an attacker could host a specially crafted website designed to invoke MSXML through a web browser. However, an attacker would have no way to force a user to visit such a website. Instead, an attacker would typically have to convince a user to either click a link in an email message or instant message that would then take the user to the website. When Internet Explorer parses the XML content, an attacker could run malicious code remotely to take control of the user’s system. The update addresses the vulnerability by correcting how the MSXML parser processes user input. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6502 |
Title: Microsoft Windows Update Client Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6502 CVE-2019-1336 |
Severity: High |
| Description: An elevation of privilege vulnerability exists in the Microsoft Windows Update Client when it does not properly handle privileges. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The security update addresses the vulnerability by enabling the Windows Update client to properly handle user privileges. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6519 |
Title: Microsoft Windows Update Client Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6519 CVE-2019-1323 |
Severity: High |
| Description: An elevation of privilege vulnerability exists in the Microsoft Windows Update Client when it does not properly handle privileges. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The security update addresses the vulnerability by enabling the Windows Update client to properly handle user privileges. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6386 |
Title: Microsoft Windows Transport Layer Security Spoofing Vulnerability |
Type: Software |
Bulletins:
CISEC:6386 CVE-2019-1318 |
Severity: Medium |
| Description: A spoofing vulnerability exists when Transport Layer Security (TLS) accesses non- Extended Master Secret (EMS) sessions. An attacker who successfully exploited this vulnerability may gain access to unauthorized information. To exploit the vulnerability, an attacker would have to conduct a man-in-the-middle attack. The update addresses the vulnerability by correcting how TLS client and server establish and resume sessions with non-EMS peers. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6352 |
Title: Microsoft Windows Store Installer Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6352 CVE-2019-1270 |
Severity: Low |
| Description: An elevation of privilege vulnerability exists in Windows store installer where WindowsApps directory is vulnerable to symbolic link attack. An attacker who successfully exploited this vulnerability could bypass access restrictions to add or remove files. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and add or remove files. The security update addresses the vulnerability by not allowing reparse points in the WindowsApps directory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6423 |
Title: Microsoft Windows Security Feature Bypass Vulnerability |
Type: Software |
Bulletins:
CISEC:6423 CVE-2019-1019 |
Severity: Medium |
| Description: A security feature bypass vulnerability exists where a NETLOGON message is able to obtain the session key and sign messages. To exploit this vulnerability, an attacker could send a specially crafted authentication request. An attacker who successfully exploited this vulnerability could access another machine using the original user privileges. The issue has been addressed by changing how NTLM validates network authentication messages. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6456 |
Title: Microsoft Windows p2pimsvc Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6456 CVE-2019-1168 |
Severity: High |
| Description: An elevation of privilege exists in the p2pimsvc service where an attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting how the p2pimsvc service handles processes these requests. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6497 |
Title: Microsoft Windows Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6497 CVE-2019-1322 |
Severity: Medium |
| Description: An elevation of privilege vulnerability exists when Windows improperly handles authentication requests. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this vulnerability by running a specially crafted application on the victim system. The update addresses the vulnerability by correcting the way Windows handles authentication requests. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6499 |
Title: Microsoft Windows Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6499 CVE-2019-1340 |
Severity: High |
| Description: An elevation of privilege vulnerability exists in Windows AppX Deployment Server that allows file creation in arbitrary locations. To exploit the vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses the vulnerability by not permitting Windows AppX Deployment Server to create files in arbitrary locations. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6669 |
Title: Microsoft Windows Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6669 CVE-2019-1198 |
Severity: High |
| Description: An elevation of privilege exists in SyncController.dll. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the vulnerability. This vulnerability by itself does not allow arbitrary code to be run. However, this vulnerability could be used in conjunction with one or more vulnerabilities (e.g. a remote code execution vulnerability and another elevation of privilege) that could take advantage of the elevated privileges when running. The update addresses the vulnerability by correcting how the SyncController.dll handles processes these requests. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6591 |
Title: Microsoft Windows Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6591 CVE-2019-1082 |
Severity: High |
| Description: An elevation of privilege vulnerability exists in Microsoft Windows where a certain DLL, with Local Service privilege, is vulnerable to race planting a customized DLL. An attacker who successfully exploited this vulnerability could potentially elevate privilege to SYSTEM. The update addresses this vulnerability by requiring SYSTEM privileges for a certain DLL. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6614 |
Title: Microsoft Windows Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6614 CVE-2019-0766 |
Severity: High |
| Description: An elevation of privilege vulnerability exists in Windows AppX Deployment Server that allows file creation in arbitrary locations. To exploit the vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses the vulnerability by not permitting Windows AppX Deployment Server to create files in arbitrary locations. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6653 |
Title: Microsoft Windows Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6653 CVE-2019-1074 |
Severity: Low |
| Description: An elevation of privilege vulnerability exists in Microsoft Windows where certain folders, with local service privilege, are vulnerable to symbolic link attack. An attacker who successfully exploited this vulnerability could potentially access unauthorized information. The update addresses this vulnerability by not allowing symbolic links in these scenarios. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6659 |
Title: Microsoft Windows Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6659 CVE-2019-1320 |
Severity: Medium |
| Description: An elevation of privilege vulnerability exists when Windows improperly handles authentication requests. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this vulnerability by running a specially crafted application on the victim system. The update addresses the vulnerability by correcting the way Windows handles authentication requests. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6562 |
Title: Microsoft Windows Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:6562 CVE-2019-1317 |
Severity: Medium |
| Description: A denial of service vulnerability exists when Windows improperly handles hard links. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would allow an attacker to overwrite system files. The update addresses the vulnerability by correcting ACLs to system files. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6608 |
Title: Microsoft Windows CloudStore Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6608 CVE-2019-1321 |
Severity: High |
| Description: An elevation of privilege vulnerability exists when Windows CloudStore improperly handles file Discretionary Access Control List (DACL). An attacker who successfully exploited this vulnerability could overwrite a targeted file leading to an elevated status. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The security update addresses the vulnerability by correcting how Windows CloudStore handles DACLs. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6569 |
Title: Microsoft unistore.dll Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6569 CVE-2019-1091 |
Severity: Low |
| Description: An information disclosure vulnerability exists when Unistore.dll fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could potentially disclose memory contents of an elevated process. To exploit this vulnerability, an authenticated attacker could run a specially crafted application in user mode. The update addresses the vulnerability by correcting how the Unistore.dll handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6620 |
Title: Microsoft splwow64 Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6620 CVE-2019-0880 |
Severity: Medium |
| Description: A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls. An attacker who successfully exploited the vulnerability could elevate privileges on an affected system from low-integrity to medium-integrity. This vulnerability by itself does not allow arbitrary code execution; however, it could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability (such as a remote code execution vulnerability or another elevation of privilege vulnerability) that is capable of leveraging the elevated privileges when code execution is attempted. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6587 |
Title: Microsoft Speech API Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6587 CVE-2019-0985 |
Severity: Medium |
| Description: A remote code execution vulnerability exists when the Microsoft Speech API (SAPI) improperly handles text-to-speech (TTS) input. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user. To exploit the vulnerability, an attacker would need to convince a user to open a specially crafted document containing TTS content invoked through a scripting language. The update address the vulnerability by modifying how the system handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6599 |
Title: Microsoft IIS Server Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6599 CVE-2019-1365 |
Severity: High |
| Description: An elevation of privilege vulnerability exists when Microsoft IIS Server fails to check the length of a buffer prior to copying memory to it. An attacker who successfully exploited this vulnerability can allow an unprivileged function ran by the user to execute code in the context of NT AUTHORITY\system escaping the Sandbox. The security update addresses the vulnerability by correcting how Microsoft IIS Server sanitizes web requests. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6345 |
Title: Microsoft IIS Server Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:6345 CVE-2019-0941 |
Severity: Medium |
| Description: A denial of service exists in Microsoft IIS Server when the optional request filtering feature improperly handles requests. An attacker who successfully exploited this vulnerability could perform a temporary denial of service against pages configured to use request filtering. To exploit this vulnerability, an attacker could send a specially crafted request to a page utilizing request filtering. The update addresses the vulnerability by changing the way certain requests are processed by the filter. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6538 |
Title: Microsoft Graphics Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6538 CVE-2019-1144 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. There are multiple ways an attacker could exploit the vulnerability: In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability and then convince users to view the website. An attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by getting them to click a link in an email or instant message that takes users to the attacker's website, or by opening an attachment sent through email. In a file-sharing attack scenario, an attacker could provide a specially crafted document file designed to exploit the vulnerability and then convince users to open the document file. The security update addresses the vulnerability by correcting how the Windows font library handles embedded fonts. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6540 |
Title: Microsoft Graphics Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6540 CVE-2019-1150 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. There are multiple ways an attacker could exploit the vulnerability: In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability and then convince users to view the website. An attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by getting them to click a link in an email or instant message that takes users to the attacker's website, or by opening an attachment sent through email. In a file-sharing attack scenario, an attacker could provide a specially crafted document file designed to exploit the vulnerability and then convince users to open the document file. The security update addresses the vulnerability by correcting how the Windows font library handles embedded fonts. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6363 |
Title: Microsoft Graphics Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6363 CVE-2019-1152 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. There are multiple ways an attacker could exploit the vulnerability: In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability and then convince users to view the website. An attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by getting them to click a link in an email or instant message that takes users to the attacker's website, or by opening an attachment sent through email. In a file-sharing attack scenario, an attacker could provide a specially crafted document file designed to exploit the vulnerability and then convince users to open the document file. The security update addresses the vulnerability by correcting how the Windows font library handles embedded fonts. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6403 |
Title: Microsoft Graphics Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6403 CVE-2019-1145 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. There are multiple ways an attacker could exploit the vulnerability: In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability and then convince users to view the website. An attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by getting them to click a link in an email or instant message that takes users to the attacker's website, or by opening an attachment sent through email. In a file-sharing attack scenario, an attacker could provide a specially crafted document file designed to exploit the vulnerability and then convince users to open the document file. The security update addresses the vulnerability by correcting how the Windows font library handles embedded fonts. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6373 |
Title: Microsoft Graphics Components Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6373 CVE-2019-1283 |
Severity: Low |
| Description: An information disclosure vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could obtain information that could be useful for further exploitation. To exploit the vulnerability, a user would have to open a specially crafted file. The security update addresses the vulnerability by correcting how Microsoft Graphics Components handle objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6681 |
Title: Microsoft Graphics Components Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6681 CVE-2019-1361 |
Severity: Medium |
| Description: An information disclosure vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could obtain information that could be useful for further exploitation. To exploit the vulnerability, a user would have to open a specially crafted file. The security update addresses the vulnerability by correcting how Microsoft Graphics Components handle objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6453 |
Title: Microsoft Graphics Component Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6453 CVE-2019-1078 |
Severity: Low |
| Description: An information disclosure vulnerability exists when the Windows Graphics component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. An authenticated attacker could exploit this vulnerability by running a specially crafted application. The update addresses the vulnerability by correcting how the Windows Graphics Component handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6382 |
Title: Microsoft Compatibility Appraiser Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6382 CVE-2019-1267 |
Severity: High |
| Description: An elevation of privilege vulnerability exists in Microsoft Compatibility Appraiser where a configuration file, with local privileges, is vulnerable to symbolic link and hard link attacks. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The security update addresses the vulnerability by writing the file to a location with an appropriate Access Control List. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6424 |
Title: Local Security Authority Subsystem Service Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:6424 CVE-2019-0972 |
Severity: Medium |
| Description: This security update corrects a denial of service in the Local Security Authority Subsystem Service (LSASS) caused when an authenticated attacker sends a specially crafted authentication request. A remote attacker who successfully exploited this vulnerability could cause a denial of service on the target system's LSASS service, which triggers an automatic reboot of the system. The security update addresses the vulnerability by changing the way that LSASS handles specially crafted authentication requests. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6508 |
Title: LNK Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6508 CVE-2019-1280 |
Severity: High |
| Description: A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. The attacker could present to the user a removable drive, or remote share, that contains a malicious .LNK file and an associated malicious binary. When the user opens this drive(or remote share) in Windows Explorer, or any other application that parses the .LNK file, the malicious binary will execute code of the attacker’s choice, on the target system. The security update addresses the vulnerability by correcting the processing of shortcut LNK references. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6401 |
Title: LNK Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6401 CVE-2019-1188 |
Severity: High |
| Description: A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. The attacker could present to the user a removable drive, or remote share, that contains a malicious .LNK file and an associated malicious binary. When the user opens this drive(or remote share) in Windows Explorer, or any other application that parses the .LNK file, the malicious binary will execute code of the attacker’s choice, on the target system. The security update addresses the vulnerability by correcting the processing of shortcut LNK references. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6496 |
Title: Jet Database Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6496 CVE-2019-0890 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6482 |
Title: Jet Database Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6482 CVE-2019-0909 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6503 |
Title: Jet Database Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6503 CVE-2019-1240 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6507 |
Title: Jet Database Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6507 CVE-2019-0904 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6520 |
Title: Jet Database Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6520 CVE-2019-1242 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6536 |
Title: Jet Database Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6536 CVE-2019-1250 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6560 |
Title: Jet Database Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6560 CVE-2019-1248 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6695 |
Title: Jet Database Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6695 CVE-2019-1358 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6353 |
Title: Jet Database Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6353 CVE-2019-0891 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6364 |
Title: Jet Database Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6364 CVE-2019-1146 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6379 |
Title: Jet Database Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6379 CVE-2019-1241 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6380 |
Title: Jet Database Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6380 CVE-2019-0898 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6670 |
Title: Jet Database Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6670 CVE-2019-1247 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6673 |
Title: Jet Database Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6673 CVE-2019-1147 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6687 |
Title: Jet Database Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6687 CVE-2019-1249 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6692 |
Title: Jet Database Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6692 CVE-2019-0894 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6391 |
Title: Jet Database Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6391 CVE-2019-0897 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6393 |
Title: Jet Database Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6393 CVE-2019-0905 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6404 |
Title: Jet Database Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6404 CVE-2019-1359 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6413 |
Title: Jet Database Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6413 CVE-2019-0877 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6426 |
Title: Jet Database Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6426 CVE-2019-0901 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6433 |
Title: Jet Database Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6433 CVE-2019-1157 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6434 |
Title: Jet Database Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6434 CVE-2019-0851 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6437 |
Title: Jet Database Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6437 CVE-2019-0906 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6448 |
Title: Jet Database Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6448 CVE-2019-0899 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6449 |
Title: Jet Database Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6449 CVE-2019-0900 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6451 |
Title: Jet Database Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6451 CVE-2019-0974 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6465 |
Title: Jet Database Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6465 CVE-2019-0895 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6479 |
Title: Jet Database Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6479 CVE-2019-0889 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6605 |
Title: Jet Database Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6605 CVE-2019-0893 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6575 |
Title: Jet Database Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6575 CVE-2019-1243 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6588 |
Title: Jet Database Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6588 CVE-2019-1156 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6600 |
Title: Jet Database Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6600 CVE-2019-0907 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6613 |
Title: Jet Database Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6613 CVE-2019-0847 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6619 |
Title: Jet Database Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6619 CVE-2019-0902 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6621 |
Title: Jet Database Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6621 CVE-2019-0879 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6630 |
Title: Jet Database Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6630 CVE-2019-0908 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6632 |
Title: Jet Database Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6632 CVE-2019-0617 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6640 |
Title: Jet Database Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6640 CVE-2019-0846 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6644 |
Title: Jet Database Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6644 CVE-2019-0896 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6329 |
Title: Internet Explorer Memory Corruption Vulnerability |
Type: Software |
Bulletins:
CISEC:6329 CVE-2019-1371 |
Severity: High |
| Description: A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka 'Internet Explorer Memory Corruption Vulnerability'. | ||||
| Applies to: Microsoft Internet Explorer 11 |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6389 |
Title: Hyper-V vSMB Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6389 CVE-2019-0786 |
Severity: High |
| Description: A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate vSMB packet data. An attacker who successfully exploited these vulnerabilities could execute arbitrary code on a target operating system. To exploit these vulnerabilities, an attacker running inside a virtual machine could run a specially crafted application that could cause the Hyper-V host operating system to execute arbitrary code. The update addresses the vulnerabilities by correcting how Windows Hyper-V validates vSMB packet data. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6354 |
Title: Hyper-V Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6354 CVE-2019-0720 |
Severity: High |
| Description: A remote code execution vulnerability exists when Windows Hyper-V Network Switch on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause the Hyper-V host operating system to execute arbitrary code. An attacker who successfully exploited the vulnerability could execute arbitrary code on the host operating system. The security update addresses the vulnerability by correcting how Windows Hyper-V Network Switch validates guest operating system network traffic. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6489 |
Title: Hyper-V Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6489 CVE-2019-1230 |
Severity: Medium |
| Description: An information disclosure vulnerability exists when the Windows Hyper-V Network Switch on a host operating system fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker on a guest operating system could run a specially crafted application that could cause the Hyper-V host operating system to disclose memory information. An attacker who successfully exploited the vulnerability could gain access to information on the Hyper-V host operating system. The security update addresses the vulnerability by correcting how the Windows Hyper-V Network Switch validates guest operating system user input. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6514 |
Title: HTTP/2 Server Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:6514 CVE-2019-9514 |
Severity: High |
| Description: A denial of service vulnerability exists in the HTTP/2 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP/2 requests. An attacker who successfully exploited the vulnerability could create a denial of service condition, causing the target system to become unresponsive. To exploit this vulnerability, an unauthenticated attacker could send a specially crafted HTTP packet to a target system, causing the affected system to become nonresponsive. The update addresses the vulnerability by modifying how the Windows HTTP protocol stack handles HTTP/2 requests. Note that the denial of service vulnerability would not allow an attacker to execute code or to elevate user rights. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6366 |
Title: HTTP/2 Server Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:6366 CVE-2019-9513 |
Severity: High |
| Description: A denial of service vulnerability exists in the HTTP/2 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP/2 requests. An attacker who successfully exploited the vulnerability could create a denial of service condition, causing the target system to become unresponsive. To exploit this vulnerability, an unauthenticated attacker could send a specially crafted HTTP packet to a target system, causing the affected system to become nonresponsive. The update addresses the vulnerability by modifying how the Windows HTTP protocol stack handles HTTP/2 requests. Note that the denial of service vulnerability would not allow an attacker to execute code or to elevate user rights. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6430 |
Title: HTTP/2 Server Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:6430 CVE-2019-9511 |
Severity: High |
| Description: A denial of service vulnerability exists in the HTTP/2 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP/2 requests. An attacker who successfully exploited the vulnerability could create a denial of service condition, causing the target system to become unresponsive. To exploit this vulnerability, an unauthenticated attacker could send a specially crafted HTTP packet to a target system, causing the affected system to become nonresponsive. The update addresses the vulnerability by modifying how the Windows HTTP protocol stack handles HTTP/2 requests. Note that the denial of service vulnerability would not allow an attacker to execute code or to elevate user rights. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6460 |
Title: HTTP/2 Server Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:6460 CVE-2019-9518 |
Severity: High |
| Description: A denial of service vulnerability exists in the HTTP/2 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP/2 requests. An attacker who successfully exploited the vulnerability could create a denial of service condition, causing the target system to become unresponsive. To exploit this vulnerability, an unauthenticated attacker could send a specially crafted HTTP packet to a target system, causing the affected system to become nonresponsive. The update addresses the vulnerability by modifying how the Windows HTTP protocol stack handles HTTP/2 requests. Note that the denial of service vulnerability would not allow an attacker to execute code or to elevate user rights. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6610 |
Title: HTTP/2 Server Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:6610 CVE-2019-9512 |
Severity: High |
| Description: A denial of service vulnerability exists in the HTTP/2 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP/2 requests. An attacker who successfully exploited the vulnerability could create a denial of service condition, causing the target system to become unresponsive. To exploit this vulnerability, an unauthenticated attacker could send a specially crafted HTTP packet to a target system, causing the affected system to become nonresponsive. The update addresses the vulnerability by modifying how the Windows HTTP protocol stack handles HTTP/2 requests. Note that the denial of service vulnerability would not allow an attacker to execute code or to elevate user rights. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6362 |
Title: GDI+ Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6362 CVE-2019-1102 |
Severity: High |
| Description: A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. There are multiple ways an attacker could exploit the vulnerability: In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability and then convince users to view the website. An attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by getting them to open an email attachment or click a link in an email or instant message. In a file-sharing attack scenario, an attacker could provide a specially crafted document file that is designed to exploit the vulnerability, and then convince users to open the document file. The security update addresses the vulnerability by correcting the way that the Windows GDI handles objects in the memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6447 |
Title: GDI+ Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6447 CVE-2019-0853 |
Severity: High |
| Description: A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. There are multiple ways an attacker could exploit the vulnerability: In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability and then convince users to view the website. An attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by getting them to open an email attachment or click a link in an email or instant message. In a file-sharing attack scenario, an attacker could provide a specially crafted document file that is designed to exploit the vulnerability, and then convince users to open the document file. The security update addresses the vulnerability by correcting the way that the Windows GDI handles objects in the memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6609 |
Title: GDI+ Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6609 CVE-2019-0903 |
Severity: High |
| Description: A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. There are multiple ways an attacker could exploit the vulnerability: In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability and then convince users to view the website. An attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by getting them to open an email attachment or click a link in an email or instant message. In a file-sharing attack scenario, an attacker could provide a specially crafted document file that is designed to exploit the vulnerability, and then convince users to open the document file. The security update addresses the vulnerability by correcting the way that the Windows GDI handles objects in the memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6567 |
Title: DirectX Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6567 CVE-2019-1216 |
Severity: Low |
| Description: An information disclosure vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. An authenticated attacker could exploit this vulnerability by running a specially crafted application. The update addresses the vulnerability by correcting how DirectX handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6463 |
Title: DirectX Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6463 CVE-2019-0837 |
Severity: Low |
| Description: An information disclosure vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. An authenticated attacker could exploit this vulnerability by running a specially crafted application. The update addresses the vulnerability by correcting how DirectX handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6406 |
Title: DirectX Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6406 CVE-2019-1284 |
Severity: High |
| Description: An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses the vulnerability by correcting how DirectX handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6443 |
Title: DirectX Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6443 CVE-2019-0999 |
Severity: High |
| Description: An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses the vulnerability by correcting how DirectX handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6459 |
Title: DirectX Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6459 CVE-2019-1018 |
Severity: High |
| Description: An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses the vulnerability by correcting how DirectX handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6638 |
Title: DirectX Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6638 CVE-2019-1176 |
Severity: High |
| Description: An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses the vulnerability by correcting how DirectX handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6491 |
Title: DirectWrite Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6491 CVE-2019-1121 |
Severity: High |
| Description: A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how DirectWrite handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6526 |
Title: DirectWrite Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6526 CVE-2019-1118 |
Severity: High |
| Description: A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how DirectWrite handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6551 |
Title: DirectWrite Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6551 CVE-2019-1124 |
Severity: High |
| Description: A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how DirectWrite handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6686 |
Title: DirectWrite Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6686 CVE-2019-1119 |
Severity: High |
| Description: A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how DirectWrite handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6410 |
Title: DirectWrite Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6410 CVE-2019-1128 |
Severity: High |
| Description: A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how DirectWrite handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6415 |
Title: DirectWrite Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6415 CVE-2019-1127 |
Severity: High |
| Description: A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how DirectWrite handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6421 |
Title: DirectWrite Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6421 CVE-2019-1122 |
Severity: High |
| Description: A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how DirectWrite handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6454 |
Title: DirectWrite Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6454 CVE-2019-1123 |
Severity: High |
| Description: A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how DirectWrite handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6623 |
Title: DirectWrite Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6623 CVE-2019-1117 |
Severity: High |
| Description: A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how DirectWrite handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6657 |
Title: DirectWrite Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6657 CVE-2019-1120 |
Severity: High |
| Description: A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how DirectWrite handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6528 |
Title: DirectWrite Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6528 CVE-2019-1244 |
Severity: Medium |
| Description: An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how DirectWrite handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6549 |
Title: DirectWrite Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6549 CVE-2019-1245 |
Severity: Medium |
| Description: An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how DirectWrite handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6566 |
Title: DirectWrite Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6566 CVE-2019-1251 |
Severity: Low |
| Description: An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how DirectWrite handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6570 |
Title: DirectWrite Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6570 CVE-2019-1097 |
Severity: Low |
| Description: An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how DirectWrite handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6622 |
Title: DirectWrite Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6622 CVE-2019-1093 |
Severity: Low |
| Description: An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how DirectWrite handles objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6483 |
Title: ADFS Security Feature Bypass Vulnerability |
Type: Software |
Bulletins:
CISEC:6483 CVE-2019-0975 |
Severity: Medium |
| Description: A security feature bypass vulnerability exists when Active Directory Federation Services (ADFS) improperly updates its list of banned IP addresses. To exploit this vulnerability, an attacker would have to convince a victim ADFS administrator to update the list of banned IP addresses. This security update corrects how ADFS updates its list of banned IP addresses. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6359 |
Title: ADFS Security Feature Bypass Vulnerability |
Type: Software |
Bulletins:
CISEC:6359 CVE-2019-1126 |
Severity: Medium |
| Description: A security feature bypass vulnerability exists in Active Directory Federation Services (ADFS) which could allow an attacker to bypass the extranet lockout policy. To exploit this vulnerability, an attacker could run a specially crafted application, which would allow an attacker to launch a password brute-force attack or cause account lockouts in Active Directory. This security update corrects how ADFS handles external authentication requests. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6689 |
Title: ActiveX Data Objects (ADO) Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6689 CVE-2019-0888 |
Severity: High |
| Description: A remote code execution vulnerability exists in the way that ActiveX Data Objects (ADO) handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code with the victim user’s privileges. An attacker could craft a website that exploits the vulnerability and then convince a victim user to visit the website. The security update addresses the vulnerability by modifying how ActiveX Data Objects handle objects in memory. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6510 |
Title: Active Directory Federation Services XSS Vulnerability |
Type: Software |
Bulletins:
CISEC:6510 CVE-2019-1273 |
Severity: Low |
| Description: A cross-site-scripting (XSS) vulnerability exists when Active Directory Federation Services (ADFS) does not properly sanitize certain error messages. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected ADFS server. The attacker who successfully exploited the vulnerability could then perform cross-site scripting attacks on affected systems and run scripts in the security context of the current user. The attacks could allow the attacker to read content that the attacker is not authorized to read, use the victim's identity to take actions on the ADFS site on behalf of the user, such as change permissions and delete content, and inject malicious content in the browser of the user. The security update addresses the vulnerability by helping to ensure that ADFS error handling properly sanitizes error messages. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CISEC:6385 |
Title: Active Directory Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6385 CVE-2019-0683 |
Severity: Medium |
| Description: An elevation of privilege vulnerability exists in Active Directory Forest trusts due to a default setting that lets an attacker in the trusting forest request delegation of a TGT for an identity from the trusted forest. To exploit this vulnerability, an attacker would first need to compromise an Active Directory forest. An attacker who successfully exploited this vulnerability could request delegation of a TGT for an identity from the trusted forest. This update addresses the vulnerability by ensuring new Active Directory Forest trusts disable TGT delegation by default. The update does not change existing TGT delegation configurations. | ||||
| Applies to: |
Created: 2019-12-06 |
Updated: 2024-09-07 |
||
| ID: CVE-2019-13962 |
Title: VLC avcodec picture copy heap-buffer-overflow |
Type: Software |
Bulletins:
CVE-2019-13962 |
Severity: High |
| Description: lavc_CopyPicture in modules/codec/avcodec/video.c in VideoLAN VLC media player through 3.0.7 has a heap-based buffer over-read because it does not properly validate the width and height." | ||||
| Applies to: VLC |
Created: 2019-07-26 |
Updated: 2024-09-07 |
||
| ID: CISEC:5972 |
Title: Windows VBScript Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:5972 CVE-2018-8544 |
Severity: High |
| Description: A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. An attacker could also embed an ActiveX control marked "safe for initialization" in an application or Microsoft Office document that hosts the IE rendering engine. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5996 |
Title: Windows Theme API Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:5996 CVE-2018-8413 |
Severity: High |
| Description: A remote code execution vulnerability exists when "Windows Theme API" does not properly decompress files. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. To exploit the vulnerability, a victim user must open a specially crafted file. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and then convincing the user to open the file. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file designed to exploit the vulnerability. An attacker would have no way to force a user to visit the website. Instead, an attacker would have to convince a user to click a link, typically by way of an enticement in an email or Instant Messenger message, and then convince the user to open the specially crafted file. The security update addresses the vulnerability by helping to ensure that "Windows Theme API" properly decompresses files. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5926 |
Title: Windows TCP/IP Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:5926 CVE-2018-8493 |
Severity: Medium |
| Description: An information disclosure vulnerability exists when the Windows TCP/IP stack improperly handles fragmented IP packets. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to send specially crafted fragmented IP packets to a remote Windows computer. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system. The update addresses the vulnerability by correcting how the Windows TCP/IP stack handles fragmented IP packets. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5968 |
Title: Windows Subsystem for Linux Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:5968 CVE-2019-0553 |
Severity: Low |
| Description: An information disclosure vulnerability exists when Windows Subsystem for Linux improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. A attacker could exploit this vulnerability by running a specially crafted application. The update addresses the vulnerability by correcting how Windows Subsystem for Linux handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5986 |
Title: Windows Storage Services Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:5986 CVE-2018-0983 |
Severity: Medium |
| Description: An elevation of privilege vulnerability exists when Storage Services improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. To exploit the vulnerability, an attacker would first have to log on to the system, and then run a specially crafted application to take control over the affected system. The security update addresses the vulnerability by correcting how Storage Services handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5935 |
Title: Windows Storage Service Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:5935 CVE-2019-0659 |
Severity: Medium |
| Description: An elevation of privilege vulnerability exists when the Storage Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges on the victim system. To exploit the vulnerability, an attacker would first have to gain execution on the victim system, then run a specially crafted application. The security update addresses the vulnerability by correcting how the Storage Services handles file operations. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5980 |
Title: Windows SMB Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:5980 CVE-2019-0630 |
Severity: High |
| Description: A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 2.0 (SMBv2) server handles certain requests. An attacker who successfully exploited the vulnerability could gain the ability to execute code on the target server. To exploit the vulnerability, in most situations, an authenticated attacker could send a specially crafted packet to a targeted SMBv2 server. The security update addresses the vulnerability by correcting how SMBv2 handles these specially crafted requests. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5920 |
Title: Windows SMB Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:5920 CVE-2019-0633 |
Severity: High |
| Description: A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 2.0 (SMBv2) server handles certain requests. An attacker who successfully exploited the vulnerability could gain the ability to execute code on the target server. To exploit the vulnerability, in most situations, an authenticated attacker could send a specially crafted packet to a targeted SMBv2 server. The security update addresses the vulnerability by correcting how SMBv2 handles these specially crafted requests. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:6005 |
Title: Windows Shell Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6005 CVE-2018-8495 |
Severity: High |
| Description: A remote code execution vulnerability exists when Windows Shell improperly handles URIs. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. An attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge, and then convince a user to view the website. The attack requires specific user interaction which an attacker would need to trick the user into performing. There is no way an attacker could exploit the vulnerability without the user performing the specific action. The security update addresses the vulnerability by modifying how Windows Shell handles URIs. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5994 |
Title: Windows Security Feature Bypass Vulnerability |
Type: Software |
Bulletins:
CISEC:5994 CVE-2019-0627 |
Severity: Medium |
| Description: A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard. An attacker who successfully exploited this vulnerability could circumvent a User Mode Code Integrity (UMCI) policy on the machine. To exploit the vulnerability, an attacker would first have to access the local machine, and then run a malicious program. The update addresses the vulnerability by correcting how Windows validates User Mode Code Integrity policies. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5997 |
Title: Windows Security Feature Bypass Vulnerability |
Type: Software |
Bulletins:
CISEC:5997 CVE-2018-8549 |
Severity: Low |
| Description: A security feature bypass exists when Windows incorrectly validates kernel driver signatures. An attacker who successfully exploited this vulnerability could bypass security features and load improperly signed drivers into the kernel. In an attack scenario, an attacker could bypass security features intended to prevent improperly signed drivers from being loaded by the kernel. The update addresses the vulnerability by correcting how Windows validates kernel driver signatures. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5919 |
Title: Windows Security Feature Bypass Vulnerability |
Type: Software |
Bulletins:
CISEC:5919 CVE-2019-0632 |
Severity: Medium |
| Description: A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard. An attacker who successfully exploited this vulnerability could circumvent a User Mode Code Integrity (UMCI) policy on the machine. To exploit the vulnerability, an attacker would first have to access the local machine, and then run a malicious program. The update addresses the vulnerability by correcting how Windows validates User Mode Code Integrity policies. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5924 |
Title: Windows Security Feature Bypass Vulnerability |
Type: Software |
Bulletins:
CISEC:5924 CVE-2019-0631 |
Severity: Medium |
| Description: A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard. An attacker who successfully exploited this vulnerability could circumvent a User Mode Code Integrity (UMCI) policy on the machine. To exploit the vulnerability, an attacker would first have to access the local machine, and then run a malicious program. The update addresses the vulnerability by correcting how Windows validates User Mode Code Integrity policies. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5923 |
Title: Windows Search Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:5923 CVE-2018-8450 |
Severity: High |
| Description: A remote code execution vulnerability exists when Windows Search handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit the vulnerability, the attacker could send specially crafted messages to the Windows Search service. An attacker with access to a target computer could exploit this vulnerability to elevate privileges and take control of the computer. Additionally, in an enterprise scenario, a remote authenticated attacker could remotely trigger the vulnerability through an SMB connection and then take control of a target computer. The security update addresses the vulnerability by correcting how Windows Search handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5984 |
Title: Windows Runtime Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:5984 CVE-2019-0570 |
Severity: Medium |
| Description: An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context. An attacker could exploit this vulnerability by running a specially crafted application on the victim system. The update addresses the vulnerability by correcting the way the Windows Runtime handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5948 |
Title: Windows Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:5948 CVE-2018-8475 |
Severity: Medium |
| Description: A remote code execution vulnerability exists when Windows does not properly handle specially crafted image files. An attacker who successfully exploited the vulnerability could execute arbitrary code. To exploit the vulnerability, an attacker would have to convince a user to download an image file. The update addresses the vulnerability by properly handling image files. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5918 |
Title: Windows Registry Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:5918 CVE-2018-8410 |
Severity: High |
| Description: An elevation of privilege vulnerability exists when the Windows Kernel API improperly handles registry objects in memory. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system. A locally authenticated attacker could exploit this vulnerability by running a specially crafted application. The security update addresses the vulnerability by helping to ensure that the Windows Kernel API properly handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5929 |
Title: Windows Media Player Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:5929 CVE-2018-8481 |
Severity: Low |
| Description: An information disclosure vulnerability exists when Windows Media Player improperly discloses file information. Successful exploitation of the vulnerability could allow an attacker to determine the presence of files on disk. To exploit the vulnerability, a user would have to open a specially crafted hyperlink. The update addresses the vulnerability by changing the way Windows Media Player discloses file information. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5932 |
Title: Windows Media Player Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:5932 CVE-2018-8482 |
Severity: Low |
| Description: An information disclosure vulnerability exists when Windows Media Player improperly discloses file information. Successful exploitation of the vulnerability could allow an attacker to determine the presence of files on disk. To exploit the vulnerability, a user would have to open a specially crafted hyperlink. The update addresses the vulnerability by changing the way Windows Media Player discloses file information. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5946 |
Title: Windows Kernel Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:5946 CVE-2019-0549 |
Severity: Low |
| Description: An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system. The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5947 |
Title: Windows Kernel Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:5947 CVE-2018-8330 |
Severity: Low |
| Description: An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system. The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5965 |
Title: Windows Kernel Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:5965 CVE-2019-0661 |
Severity: Low |
| Description: An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. An authenticated attacker could exploit this vulnerability by running a specially crafted application. The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5981 |
Title: Windows Kernel Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:5981 CVE-2018-8477 |
Severity: Low |
| Description: An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system. The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5992 |
Title: Windows Kernel Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:5992 CVE-2019-0569 |
Severity: Low |
| Description: An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. An authenticated attacker could exploit this vulnerability by running a specially crafted application. The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:6015 |
Title: Windows Kernel Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6015 CVE-2019-0554 |
Severity: Low |
| Description: An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system. The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:6020 |
Title: Windows Kernel Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6020 CVE-2018-8621 |
Severity: Low |
| Description: An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. An authenticated attacker could exploit this vulnerability by running a specially crafted application. The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5917 |
Title: Windows Kernel Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:5917 CVE-2018-8408 |
Severity: Low |
| Description: An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. The update addresses the vulnerability by correcting how the Windows kernel initializes objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5921 |
Title: Windows Kernel Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:5921 CVE-2019-0536 |
Severity: Low |
| Description: An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system. The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5930 |
Title: Windows Kernel Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:5930 CVE-2018-8622 |
Severity: Low |
| Description: An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. An authenticated attacker could exploit this vulnerability by running a specially crafted application. The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5944 |
Title: Windows Kernel Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:5944 CVE-2019-0621 |
Severity: Low |
| Description: An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system. The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:6016 |
Title: Windows Kernel Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6016 CVE-2019-0656 |
Severity: Medium |
| Description: An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application to take control of an affected system. The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5928 |
Title: Windows Kernel Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:5928 CVE-2018-8497 |
Severity: Medium |
| Description: An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application. The security update addresses the vulnerability by ensuring the Windows Kernel properly handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5937 |
Title: Windows Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:5937 CVE-2019-0636 |
Severity: Low |
| Description: An information vulnerability exists when Windows improperly discloses file information. Successful exploitation of the vulnerability could allow the attacker to read the contents of files on disk. To exploit the vulnerability, an attacker would have to log onto an affected system and run a specially crafted application. The update addresses the vulnerability by changing the way Windows discloses file information. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5950 |
Title: Windows Hyper-V Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:5950 CVE-2018-8489 |
Severity: High |
| Description: A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause the Hyper-V host operating system to execute arbitrary code. An attacker who successfully exploited the vulnerability could execute arbitrary code on the host operating system. The security update addresses the vulnerability by correcting how Hyper-V validates guest operating system user input. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5956 |
Title: Windows Hyper-V Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:5956 CVE-2019-0551 |
Severity: High |
| Description: A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause the Hyper-V host operating system to execute arbitrary code. An attacker who successfully exploited the vulnerability could execute arbitrary code on the host operating system. The security update addresses the vulnerability by correcting how Hyper-V validates guest operating system user input. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5958 |
Title: Windows Hyper-V Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:5958 CVE-2019-0550 |
Severity: High |
| Description: A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause the Hyper-V host operating system to execute arbitrary code. An attacker who successfully exploited the vulnerability could execute arbitrary code on the host operating system. The security update addresses the vulnerability by correcting how Hyper-V validates guest operating system user input. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:6004 |
Title: Windows Hyper-V Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6004 CVE-2018-8490 |
Severity: High |
| Description: A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause the Hyper-V host operating system to execute arbitrary code. An attacker who successfully exploited the vulnerability could execute arbitrary code on the host operating system. The security update addresses the vulnerability by correcting how Hyper-V validates guest operating system user input. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5931 |
Title: Windows Hyper-V Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:5931 CVE-2019-0635 |
Severity: Medium |
| Description: An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker on a guest operating system could run a specially crafted application that could cause the Hyper-V host operating system to disclose memory information. An attacker who successfully exploited the vulnerability could gain access to information on the Hyper-V host operating system. The security update addresses the vulnerability by correcting how Hyper-V validates guest operating system user input. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5961 |
Title: Windows Hyper-V Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:5961 CVE-2018-8437 |
Severity: Medium |
| Description: A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application that causes a host machine to crash. The update addresses the vulnerability by modifying how virtual machines access the Hyper-V Network Switch. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5951 |
Title: Windows GDI Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:5951 CVE-2019-0616 |
Severity: Medium |
| Description: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5964 |
Title: Windows GDI Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:5964 CVE-2019-0615 |
Severity: Medium |
| Description: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5974 |
Title: Windows GDI Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:5974 CVE-2019-0660 |
Severity: Medium |
| Description: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5975 |
Title: Windows GDI Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:5975 CVE-2019-0619 |
Severity: Medium |
| Description: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5976 |
Title: Windows GDI Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:5976 CVE-2019-0664 |
Severity: Medium |
| Description: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5998 |
Title: Windows GDI Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:5998 CVE-2018-8595 |
Severity: Medium |
| Description: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5940 |
Title: Windows GDI Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:5940 CVE-2019-0602 |
Severity: Medium |
| Description: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5941 |
Title: Windows GDI Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:5941 CVE-2018-8596 |
Severity: Medium |
| Description: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5973 |
Title: Windows Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:5973 CVE-2018-8468 |
Severity: Medium |
| Description: An elevation of privilege vulnerability exists in Windows that allows a sandbox escape. An attacker who successfully exploited the vulnerability could use the sandbox escape to elevate privileges on an affected system. This vulnerability by itself does not allow arbitrary code execution. However, the vulnerability could allow arbitrary code to run if an attacker uses it in combination with another vulnerability, such as a remote code execution vulnerability or another elevation of privilege vulnerability, that can leverage the elevated privileges when code execution is attempted. The security update addresses the vulnerability by correcting how Windows parses files. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5991 |
Title: Windows Elevation Of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:5991 CVE-2018-8592 |
Severity: Medium |
| Description: An elevation of privilege vulnerability exists in Windows 10 version 1809 when installed from physical media (USB, DVD, etc.) with the “keep nothing” option selected during installation. Successful exploitation of the vulnerability could allow an attacker to gain local access to an affected system. To exploit the vulnerability, an attacker would need physical access to the console of the affected system. The update addresses the vulnerability by changing built-in account behavior after the setup process completes. For recommendations on managing the local administrator accounts, please see Implementing Least-Privilege Administrative Models | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5988 |
Title: Windows DNS Server Heap Overflow Vulnerability |
Type: Software |
Bulletins:
CISEC:5988 CVE-2018-8626 |
Severity: High |
| Description: A remote code execution vulnerability exists in Windows Domain Name System (DNS) servers when they fail to properly handle requests. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the Local System Account. Windows servers that are configured as DNS servers are at risk from this vulnerability. To exploit the vulnerability, an unauthenticated attacker could send malicious requests to a Windows DNS server. The update addresses the vulnerability by modifying how Windows DNS servers handle requests. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5957 |
Title: Windows DHCP Server Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:5957 CVE-2019-0626 |
Severity: High |
| Description: A memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP server. An attacker who successfully exploited the vulnerability could run arbitrary code on the DHCP server. To exploit the vulnerability, an attacker could send a specially crafted packet to a DHCP server. The security update addresses the vulnerability by correcting how DHCP servers handle network packets. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:6011 |
Title: Windows DHCP Client Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6011 CVE-2019-0547 |
Severity: High |
| Description: A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client. An attacker who successfully exploited the vulnerability could run arbitrary code on the client machine. To exploit the vulnerability, an attacker could send a specially crafted DHCP responses to a client. The security update addresses the vulnerability by correcting how Windows DHCP clients handle certain DHCP responses. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5915 |
Title: Windows Deployment Services TFTP Server Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:5915 CVE-2018-8476 |
Severity: High |
| Description: A remote code execution vulnerability exists in the way that Windows Deployment Services TFTP Server handles objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code with elevated permissions on a target system. To exploit the vulnerability, an attacker could create a specially crafted request, causing Windows to execute arbitrary code with elevated permissions. The security update addresses the vulnerability by correcting how Windows Deployment Services TFTP Server handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5967 |
Title: Windows Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:5967 CVE-2018-8205 |
Severity: Medium |
| Description: A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to cause a target system to stop responding. The update addresses the vulnerability by correcting how Windows handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5916 |
Title: Windows Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:5916 CVE-2018-8649 |
Severity: Medium |
| Description: A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to cause a target system to stop responding. The update addresses the vulnerability by correcting how Windows handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5970 |
Title: Windows Defender Firewall Security Feature Bypass Vulnerability |
Type: Software |
Bulletins:
CISEC:5970 CVE-2019-0637 |
Severity: Medium |
| Description: A security feature bypass vulnerability exists when Windows Defender Firewall incorrectly applies firewall profiles to cellular network connections. This vulnerability occurs when Windows is connected to both an ethernet network and a cellular network. An attacker would have no way to trigger this vulnerability remotely, and this vulnerability by itself does not allow Windows to be exploited. This update addresses the behavior by correcting how Windows Defender Firewall handles firewall profiles when ethernet and cellular network connections are both present. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5977 |
Title: Windows Data Sharing Service Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:5977 CVE-2019-0572 |
Severity: Medium |
| Description: An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this vulnerability by running a specially crafted application on the victim system. The update addresses the vulnerability by correcting the way the Windows Data Sharing Service handles file operations. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:6009 |
Title: Windows Data Sharing Service Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6009 CVE-2019-0571 |
Severity: Medium |
| Description: An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this vulnerability by running a specially crafted application on the victim system. The update addresses the vulnerability by correcting the way the Windows Data Sharing Service handles file operations. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:6014 |
Title: Windows Data Sharing Service Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6014 CVE-2019-0574 |
Severity: Medium |
| Description: An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this vulnerability by running a specially crafted application on the victim system. The update addresses the vulnerability by correcting the way the Windows Data Sharing Service handles file operations. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5938 |
Title: Windows Data Sharing Service Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:5938 CVE-2019-0573 |
Severity: Medium |
| Description: An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this vulnerability by running a specially crafted application on the victim system. The update addresses the vulnerability by correcting the way the Windows Data Sharing Service handles file operations. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5966 |
Title: Windows COM Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:5966 CVE-2019-0552 |
Severity: Medium |
| Description: An elevation of privilege exists in Windows COM Desktop Broker. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the vulnerability. This vulnerability by itself does not allow arbitrary code to be run. However, this vulnerability could be used in conjunction with one or more vulnerabilities (e.g. a remote code execution vulnerability and another elevation of privilege) that could take advantage of the elevated privileges when running. The update addresses the vulnerability by correcting how Windows COM Desktop Broker processes interface requests. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5922 |
Title: Windows COM Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:5922 CVE-2018-8550 |
Severity: Medium |
| Description: An elevation of privilege exists in Windows COM Aggregate Marshaler. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the vulnerability. This vulnerability by itself does not allow arbitrary code to be run. However, this vulnerability could be used in conjunction with one or more vulnerabilities (e.g. a remote code execution vulnerability and another elevation of privilege) that could take advantage of the elevated privileges when running. The update addresses the vulnerability by correcting how Windows COM Marshaler processes interface requests. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5983 |
Title: Windows Code Integrity Module Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:5983 CVE-2018-1040 |
Severity: Medium |
| Description: A denial of service vulnerability exists in the way that the Windows Code Integrity Module performs hashing. An attacker who successfully exploited the vulnerability could cause a system to stop responding. Note that the denial of service condition would not allow an attacker to execute code or to elevate user privileges. However, the denial of service condition could prevent authorized users from using system resources. An attacker could host a specially crafted file in a website or SMB share. The attacker could also take advantage of compromised websites, or websites that accept or host user-provided content or advertisements, by adding specially crafted content that could exploit the vulnerability. However, in all cases an attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically via an enticement in email or instant message, or by getting them to open an email attachment. The security update addresses the vulnerability by modifying how the Code Integrity Module performs hashing. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5979 |
Title: Win32k Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:5979 CVE-2018-8565 |
Severity: Low |
| Description: An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The security update addresses the vulnerability by correcting how win32k handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5993 |
Title: Win32k Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:5993 CVE-2019-0628 |
Severity: Low |
| Description: An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The security update addresses the vulnerability by correcting how win32k handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:6003 |
Title: Win32k Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6003 CVE-2018-8637 |
Severity: Low |
| Description: An information disclosure vulnerability exists in Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (KASLR) bypass. An attacker who successfully exploited this vulnerability could retrieve the memory address of a kernel object. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The security update addresses the vulnerability by correcting how the Windows kernel handles memory addresses. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5989 |
Title: Win32k Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:5989 CVE-2018-8641 |
Severity: High |
| Description: An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting how the Windows kernel-mode driver handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5990 |
Title: Win32k Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:5990 CVE-2019-0623 |
Severity: High |
| Description: An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting how Win32k handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:6008 |
Title: Win32k Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6008 CVE-2018-0977 |
Severity: Medium |
| Description: An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting how the Windows kernel-mode driver handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:6021 |
Title: Win32k Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6021 CVE-2018-8639 |
Severity: High |
| Description: An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting how Win32k handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5934 |
Title: Win32k Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:5934 CVE-2018-8562 |
Severity: High |
| Description: An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting how Win32k handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:6012 |
Title: Remote Procedure Call runtime Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6012 CVE-2018-8514 |
Severity: Low |
| Description: An information disclosure vulnerability exists when Remote Procedure Call runtime improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. The update addresses the vulnerability by correcting how the Remote Procedure Call runtime i initializes objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5927 |
Title: Remote Procedure Call runtime Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:5927 CVE-2018-8407 |
Severity: Low |
| Description: An information disclosure vulnerability exists when Remote Procedure Call runtime improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. The update addresses the vulnerability by correcting how the Remote Procedure Call runtime i initializes objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5995 |
Title: MS XML Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:5995 CVE-2018-8420 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input. An attacker who successfully exploited the vulnerability could run malicious code remotely to take control of the user’s system. To exploit the vulnerability, an attacker could host a specially crafted website designed to invoke MSXML through a web browser. However, an attacker would have no way to force a user to visit such a website. Instead, an attacker would typically have to convince a user to either click a link in an email message or instant message that would then take the user to the website. When Internet Explorer parses the XML content, an attacker could run malicious code remotely to take control of the user’s system. The update addresses the vulnerability by correcting how the MSXML parser processes user input. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5969 |
Title: Microsoft XmlDocument Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:5969 CVE-2019-0555 |
Severity: Medium |
| Description: An elevation of privilege vulnerability exists in the Microsoft XmlDocument class that could allow an attacker to escape from the AppContainer sandbox in the browser. An attacker who successfully exploited this vulnerability could gain elevated privileges and break out of the Edge AppContainer sandbox. The vulnerability by itself does not allow arbitrary code to run. However, this vulnerability could be used in conjunction with one or more vulnerabilities (for example a remote code execution vulnerability and another elevation of privilege vulnerability) to take advantage of the elevated privileges when running. The security update addresses the vulnerability by modifying how the Microsoft XmlDocument class enforces sandboxing. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5943 |
Title: Microsoft Windows Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:5943 CVE-2019-0543 |
Severity: Medium |
| Description: An elevation of privilege vulnerability exists when Windows improperly handles authentication requests. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this vulnerability by running a specially crafted application on the victim system. The update addresses the vulnerability by correcting the way Windows handles authentication requests. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5982 |
Title: Microsoft Text-To-Speech Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:5982 CVE-2018-8634 |
Severity: High |
| Description: A remote code execution vulnerability exists in Windows where Microsoft text-to-speech fails to properly handle objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. The security update addresses the vulnerability by correcting how the Microsoft text-to-speech handles objects in the memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5999 |
Title: Microsoft JScript Security Feature Bypass Vulnerability |
Type: Software |
Bulletins:
CISEC:5999 CVE-2018-8417 |
Severity: Medium |
| Description: A security feature bypass vulnerability exists in Microsoft JScript that could allow an attacker to bypass Device Guard. To exploit the vulnerability, an attacker would first have to access the local machine, and run a specially crafted application to create arbitrary COM objects. The update addresses the vulnerability by correcting how Microsoft JScript manages COM object creation. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5945 |
Title: Microsoft JET Database Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:5945 CVE-2018-8423 |
Severity: High |
| Description: A remote code execution vulnerability exists in the Microsoft JET Database Engine. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. To exploit the vulnerability, a user must open/import a specially crafted Microsoft JET Database Engine file. In an email attack scenario, an attacker could exploit the vulnerability by sending a specially crafted file to the user, and then convince the user to open the file. The security update addresses the vulnerability by modifying how the Microsoft JET Database Engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5978 |
Title: Microsoft Graphics Components Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:5978 CVE-2018-8553 |
Severity: High |
| Description: A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system. To exploit the vulnerability, a user would have to open a specially crafted file. The security update addresses the vulnerability by correcting how Microsoft Graphics Components handle objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:6013 |
Title: Microsoft Filter Manager Elevation Of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6013 CVE-2018-8333 |
Severity: Medium |
| Description: An Elevation of Privilege vulnerability exists in Filter Manager when it improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute elevated code and take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit the vulnerability, an attacker would first have to log on to a target system and then delete a specially crafted file. The security update addresses the vulnerability by correcting how Filter Manager handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:6007 |
Title: Microsoft Cortana Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:6007 CVE-2018-8253 |
Severity: Low |
| Description: An elevation of privilege vulnerability exists when Microsoft Cortana allows arbitrary website browsing on the lockscreen. An attacker who successfully exploited the vulnerability could steal browser stored passwords or log on to websites as another user. To exploit the vulnerability, an attacker would require physical access to the console and the system must have Microsoft Cortana assistance enabled. The security update addresses the vulnerability by preventing Microsoft Cortana from allowing arbitrary website browsing on the lockscreen. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5952 |
Title: Jet Database Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:5952 CVE-2019-0599 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5953 |
Title: Jet Database Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:5953 CVE-2019-0584 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5955 |
Title: Jet Database Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:5955 CVE-2019-0596 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5959 |
Title: Jet Database Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:5959 CVE-2019-0575 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5960 |
Title: Jet Database Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:5960 CVE-2019-0595 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5963 |
Title: Jet Database Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:5963 CVE-2019-0598 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5985 |
Title: Jet Database Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:5985 CVE-2019-0578 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:6000 |
Title: Jet Database Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6000 CVE-2019-0583 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:6001 |
Title: Jet Database Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6001 CVE-2019-0580 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:6006 |
Title: Jet Database Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6006 CVE-2019-0577 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:6010 |
Title: Jet Database Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6010 CVE-2019-0581 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5914 |
Title: Jet Database Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:5914 CVE-2019-0625 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5925 |
Title: Jet Database Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:5925 CVE-2019-0579 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5939 |
Title: Jet Database Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:5939 CVE-2019-0597 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5942 |
Title: Jet Database Engine Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:5942 CVE-2019-0576 |
Severity: High |
| Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5954 |
Title: HID Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:5954 CVE-2019-0601 |
Severity: Low |
| Description: An information disclosure vulnerability exists when the Human Interface Devices (HID) component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the victim’s system. To exploit the vulnerability, an attacker would first have to gain execution on the victim system, then run a specially crafted application. The security update addresses the vulnerability by correcting how the HID component handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5987 |
Title: HID Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:5987 CVE-2019-0600 |
Severity: Low |
| Description: An information disclosure vulnerability exists when the Human Interface Devices (HID) component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the victim’s system. To exploit the vulnerability, an attacker would first have to gain execution on the victim system, then run a specially crafted application. The security update addresses the vulnerability by correcting how the HID component handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:6018 |
Title: GDI+ Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6018 CVE-2019-0618 |
Severity: High |
| Description: A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. There are multiple ways an attacker could exploit the vulnerability: In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability and then convince users to view the website. An attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by getting them to open an email attachment or click a link in an email or instant message. In a file-sharing attack scenario, an attacker could provide a specially crafted document file that is designed to exploit the vulnerability, and then convince users to open the document file. The security update addresses the vulnerability by correcting the way that the Windows GDI handles objects in the memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:6019 |
Title: GDI+ Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
CISEC:6019 CVE-2019-0662 |
Severity: High |
| Description: A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. There are multiple ways an attacker could exploit the vulnerability: In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability and then convince users to view the website. An attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by getting them to open an email attachment or click a link in an email or instant message. In a file-sharing attack scenario, an attacker could provide a specially crafted document file that is designed to exploit the vulnerability, and then convince users to open the document file. The security update addresses the vulnerability by correcting the way that the Windows GDI handles objects in the memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:6002 |
Title: DirectX Information Disclosure Vulnerability |
Type: Software |
Bulletins:
CISEC:6002 CVE-2018-8638 |
Severity: Low |
| Description: An information disclosure vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. An authenticated attacker could exploit this vulnerability by running a specially crafted application. The update addresses the vulnerability by correcting how DirectX handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5949 |
Title: DirectX Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:5949 CVE-2018-8554 |
Severity: High |
| Description: An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses the vulnerability by correcting how DirectX handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5962 |
Title: DirectX Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:5962 CVE-2018-8485 |
Severity: High |
| Description: An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses the vulnerability by correcting how DirectX handles objects in memory. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:6017 |
Title: Device Guard Code Integrity Policy Security Feature Bypass Vulnerability |
Type: Software |
Bulletins:
CISEC:6017 CVE-2018-8492 |
Severity: Medium |
| Description: A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session. An attacker who successfully exploited this vulnerability could inject code into a trusted PowerShell process to bypass the Device Guard Code Integrity policy on the local machine. To exploit the vulnerability, an attacker would first have to access the local machine, and then inject malicious code into a script that is trusted by the Code Integrity policy. The injected code would then run with the same trust level as the script and bypass the Code Integrity policy. The update addresses the vulnerability by correcting how PowerShell exposes functions and processes user supplied code. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5936 |
Title: Cortana Elevation of Privilege Vulnerability |
Type: Software |
Bulletins:
CISEC:5936 CVE-2018-8140 |
Severity: Medium |
| Description: An Elevation of Privilege vulnerability exists when Cortana retrieves data from user input services without consideration for status. An attacker who successfully exploited the vulnerability could execute commands with elevated permissions. To exploit the vulnerability, an attacker would require physical/console access and the system would need to have Cortana assistance enabled. The security update addresses the vulnerability by ensuring Cortana considers status when retrieves information from input services. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5971 |
Title: Connected User Experiences and Telemetry Service Denial of Service Vulnerability |
Type: Software |
Bulletins:
CISEC:5971 CVE-2018-8612 |
Severity: Low |
| Description: A Denial Of Service vulnerability exists when Connected User Experiences and Telemetry Service fails to validate certain function values. An attacker who successfully exploited this vulnerability could deny dependent security feature functionality. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The security update addresses the vulnerability by correcting how the Connected User Experiences and Telemetry Service validates certain function values. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5933 |
Title: Active Directory Federation Services XSS Vulnerability |
Type: Software |
Bulletins:
CISEC:5933 CVE-2018-8547 |
Severity: Low |
| Description: A cross-site-scripting (XSS) vulnerability exists when an open source customization for Microsoft Active Directory Federation Services (AD FS) does not properly sanitize a specially crafted web request to an affected AD FS server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected AD FS server. The attacker who successfully exploited the vulnerability could then perform cross-site scripting attacks on affected systems and run scripts in the security context of the current user. The attacks could allow the attacker to read content that the attacker is not authorized to read, use the victim's identity to take actions on the AD FS site on behalf of the user, such as change permissions and delete content, and inject malicious content in the browser of the user. The security update addresses the vulnerability by helping to ensure that the open source customization for AD FS properly sanitizes web requests. | ||||
| Applies to: |
Created: 2019-03-29 |
Updated: 2024-09-07 |
||
| ID: CISEC:5860 |
Title: Vulnerability |
Type: Software |
Bulletins:
CISEC:5860 CVE-2018-8611 |
Severity: High |
| Description: CVE-2018-8611 | Windows Kernel Elevation of Privilege Vulnerability | ||||
| Applies to: |
Created: 2019-01-11 |
Updated: 2024-09-07 |
||
