CVE-2019-0602Sensitive Information Exposure in Microsoft Windows

13 documents3 sources
Severity
6.5MEDIUMNVD
EPSS
25.8%
top 3.74%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
22
Microsoft WindowsMicrosoft Windows ServerMicrosoft Windows 10+19 more
Timeline
PublishedMar 5
Latest updateMay 13

Description

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0615, CVE-2019-0616, CVE-2019-0619, CVE-2019-0660, CVE-2019-0664.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages20 packages

CVEListV5microsoft/windows5 versions+4

Patches

Patch: portal.msrc.microsoft.comPatch: portal.msrc.microsoft.com

🔴Vulnerability Details

6
GHSA
GHSA-wfgr-rmq2-fv24: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Inform2022-05-13
GHSA
GHSA-r79j-42xh-vhp9: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Inform2022-05-13
GHSA
GHSA-2hpg-q8qc-c6c7: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Inform2022-05-13
GHSA
GHSA-6mvw-4frj-38qr: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Inform2022-05-13
GHSA
GHSA-x99q-vrgc-2mx8: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Inform2022-05-13

📋Vendor Advisories

1
Microsoft
Windows GDI Information Disclosure Vulnerability2019-02-12
CVE-2019-0602 — Sensitive Information Exposure | cvebase