Lucene search
KdotZDI-19-573HistoryJun 17, 2019 - 12:00 a.m.
Microsoft Windows gdiplus Font Parsing Uninitialized Pointer Information Disclosure Vulnerability
2019-06-1700:00:00
kdot
www.zerodayinitiative.com
16
EPSS
0.016
Percentile
87.7%
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of font files in the gdiplus library. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process.
Related
zdi
zdi
mscve
mscve
Windows GDI Information Disclosure Vulnerability
2019-06-11 07:00:00
symantec
symantec
cve
cve
prion
prion
Information disclosure
2019-06-12 14:29:00
Information disclosure
2019-06-12 14:29:00
Information disclosure
2019-06-12 14:29:00
cvelist
cvelist
nvd
nvd
mskb
mskb
June 11, 2019âKB4503287 (Security-only update)
2019-06-11 07:00:00
June 11, 2019âKB4503269 (Security-only update)
2019-06-11 07:00:00
June 11, 2019âKB4503273 (Monthly Rollup)
2019-06-11 07:00:00
nessus
nessus
KB4503287: Windows Server 2008 June 2019 Security Update
2019-06-11 00:00:00
KB4503269: Windows 7 and Windows Server 2008 R2 June 2019 Security Update
2019-06-11 00:00:00
kaspersky
kaspersky
KLA11874 Multiple vulnerabilities in Microsoft Products (ESU)
2019-06-11 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4503292)
2019-06-12 00:00:00
talosblog
talosblog