Lucene search

MicrosoftCVELIST:CVE-2019-0797

HistoryApr 09, 2019 - 2:34 a.m.

CVE-2019-0797

2019-04-0902:34:55

microsoft

www.cve.org

8.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

20.4%

JSON

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka ‘Win32k Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2019-0808.

CNA Affected

[
  {
    "product": "Windows Server",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "2012"
      },
      {
        "status": "affected",
        "version": "2012 (Core installation)"
      },
      {
        "status": "affected",
        "version": "2012 R2"
      },
      {
        "status": "affected",
        "version": "2012 R2 (Core installation)"
      },
      {
        "status": "affected",
        "version": "2016"
      },
      {
        "status": "affected",
        "version": "2016  (Core installation)"
      },
      {
        "status": "affected",
        "version": "version 1709  (Core Installation)"
      },
      {
        "status": "affected",
        "version": "version 1803  (Core Installation)"
      },
      {
        "status": "affected",
        "version": "2019"
      },
      {
        "status": "affected",
        "version": "2019  (Core installation)"
      }
    ]
  },
  {
    "product": "Windows",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "8.1 for 32-bit systems"
      },
      {
        "status": "affected",
        "version": "8.1 for x64-based systems"
      },
      {
        "status": "affected",
        "version": "RT 8.1"
      },
      {
        "status": "affected",
        "version": "10 for 32-bit Systems"
      },
      {
        "status": "affected",
        "version": "10 for x64-based Systems"
      },
      {
        "status": "affected",
        "version": "10 Version 1607 for 32-bit Systems"
      },
      {
        "status": "affected",
        "version": "10 Version 1607 for x64-based Systems"
      },
      {
        "status": "affected",
        "version": "10 Version 1703 for 32-bit Systems"
      },
      {
        "status": "affected",
        "version": "10 Version 1703 for x64-based Systems"
      },
      {
        "status": "affected",
        "version": "10 Version 1709 for 32-bit Systems"
      },
      {
        "status": "affected",
        "version": "10 Version 1709 for x64-based Systems"
      },
      {
        "status": "affected",
        "version": "10 Version 1803 for 32-bit Systems"
      },
      {
        "status": "affected",
        "version": "10 Version 1803 for x64-based Systems"
      },
      {
        "status": "affected",
        "version": "10 Version 1803 for ARM64-based Systems"
      },
      {
        "status": "affected",
        "version": "10 Version 1809 for 32-bit Systems"
      },
      {
        "status": "affected",
        "version": "10 Version 1809 for x64-based Systems"
      },
      {
        "status": "affected",
        "version": "10 Version 1809 for ARM64-based Systems"
      },
      {
        "status": "affected",
        "version": "10 Version 1709 for ARM64-based Systems"
      }
    ]
  }
]

References

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0797