CVE-2019-1441

2019-11-1218:53:16

microsoft

www.cve.org

9.5 High

AI Score

Confidence

High

0.05 Low

EPSS

Percentile

92.9%

JSON

A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka ‘Win32k Graphics Remote Code Execution Vulnerability’.

CNA Affected

[
  {
    "product": "Windows",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "7 for 32-bit Systems Service Pack 1"
      },
      {
        "status": "affected",
        "version": "7 for x64-based Systems Service Pack 1"
      }
    ]
  },
  {
    "product": "Windows Server",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)"
      },
      {
        "status": "affected",
        "version": "2008 R2 for Itanium-Based Systems Service Pack 1"
      },
      {
        "status": "affected",
        "version": "2008 R2 for x64-based Systems Service Pack 1"
      },
      {
        "status": "affected",
        "version": "2008 for 32-bit Systems Service Pack 2 (Core installation)"
      },
      {
        "status": "affected",
        "version": "2008 for Itanium-Based Systems Service Pack 2"
      },
      {
        "status": "affected",
        "version": "2008 for 32-bit Systems Service Pack 2"
      },
      {
        "status": "affected",
        "version": "2008 for x64-based Systems Service Pack 2"
      },
      {
        "status": "affected",
        "version": "2008 for x64-based Systems Service Pack 2 (Core installation)"
      }
    ]
  }
]