CVE-2019-0661

Опубликовано: 12 фев. 2019

Источник: msrc

CVSS3: 4.7

EPSS Низкий

Описание

Windows Kernel Information Disclosure Vulnerability

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.

An authenticated attacker could exploit this vulnerability by running a specially crafted application.

The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory.

FAQ

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory.

Обновления

Продукт	Статья	Обновление
Windows Server 2008 for Itanium-Based Systems Service Pack 2	4487023 4487019	Monthly Rollup Security Only
Windows Server 2008 for 32-bit Systems Service Pack 2	4487023 4487019	Monthly Rollup Security Only
Windows Server 2008 for x64-based Systems Service Pack 2	4487023 4487019	Monthly Rollup Security Only
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)	4487023 4487019	Monthly Rollup Security Only
Windows 7 for 32-bit Systems Service Pack 1	4486563 4486564	Monthly Rollup Security Only
Windows 7 for x64-based Systems Service Pack 1	4486563 4486564	Monthly Rollup Security Only
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)	4486563 4486564	Monthly Rollup Security Only
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1	4486563 4486564	Monthly Rollup Security Only
Windows Server 2008 R2 for x64-based Systems Service Pack 1	4486563 4486564	Monthly Rollup Security Only
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)	4487023 4487019	Monthly Rollup Security Only

Показывать по

Возможность эксплуатации

Publicly Disclosed

Exploited

Latest Software Release

N/A

Older Software Release

Exploitation More Likely

EPSS

Процентиль: 65%

0.00495

Низкий

4.7 Medium

CVSS3

Связанные уязвимости

CVE-2019-0661

CVSS3: 5.5

nvd

почти 7 лет назад

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0621, CVE-2019-0663.

GHSA-22xr-27f6-p2cr

CVSS3: 5.5

github

больше 3 лет назад

BDU:2019-00814