CVE-2019-0617
published 2019-04-08CVE-2019-0617: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code…
PriorityP347high7.8CVSS 3.0
AVLACLPRNUIRSUCHIHAH
EPSS
19.59%
97.0th percentile
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'.
Affected
43 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_server | — | — |
| microsoft | windows_server | — | — |
| microsoft | windows_server | — | — |
| microsoft | windows_server_2008 | — | — |
| microsoft | windows_server_2012 | — | — |
CVSS provenance
nvdv3.07.8HIGHCVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
vendor_msrc7.8HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Microsoft
Jet Database Engine Remote Code Execution Vulnerability
vendor_msrc·2019-03-12·CVSS 7.8
CVE-2019-0617 [HIGH] Jet Database Engine Remote Code Execution Vulnerability
Jet Database Engine Remote Code Execution Vulnerability
Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.
An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file.
The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory.
Microsoft JET Database Engine: Microsoft JET Database Engine
Impact: Remote Code Execution
Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A
Reference: https://catalog.updat
GHSA
GHSA-62x9-37xx-p5cf: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remot
ghsa_unreviewed·2022-05-13
CVE-2019-0617 [HIGH] GHSA-62x9-37xx-p5cf: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remot
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'.
No detection rules found.
No public exploits indexed.
Trendmicro
December Patch Tuesday: Fixes for components, RDP
blogs_trendmicro·2019-12-11·CVSS 6.1
[MEDIUM] December Patch Tuesday: Fixes for components, RDP
Exploits & Vulnerabilities
# December Patch Tuesday: Fixes for components, RDP
Seven of the 36 fixes for this month's Patch Tuesday were identified as Critical, 28 Important, and one Moderate. The vulnerabilities covered a wide variety of Microsoft products: Windows, IE, Office, Hyper-V Server, and SQL Server, among others.
By: Trend Micro
2019/12/11
Read time: ( words)
Save to Folio
Microsoft released a total of 36 patches for December’s Patch Tuesday. Decembers tend to have a relatively low number of patches, and the last Patch Tuesday of the 2010s was no different. Seven of the 36 patches were identified as Critical, 28 Important, and one Moderate. The vulnerabilities covered a wide variety of Microsoft products, including Windows, Internet Explorer, Office, Hyper-V Server, and SQ
Trendmicro
December Patch Tuesday: Fixes for components, RDP
blogs_trendmicro·2019-12-11·CVSS 6.1
[MEDIUM] December Patch Tuesday: Fixes for components, RDP
# December Patch Tuesday: Fixes for components, RDP
Seven of the 36 fixes for this month's Patch Tuesday were identified as Critical, 28 Important, and one Moderate. The vulnerabilities covered a wide variety of Microsoft products: Windows, IE, Office, Hyper-V Server, and SQL Server, among others.
By: Trend Micro
Dec 11, 2019
Read time: ( words)
Save to Folio
Microsoft released a total of 36 patches for December’s Patch Tuesday. Decembers tend to have a relatively low number of patches, and the last Patch Tuesday of the 2010s was no different. Seven of the 36 patches were identified as Critical, 28 Important, and one Moderate. The vulnerabilities covered a wide variety of Microsoft products, including Windows, Internet Explorer, Office, Hyper-V Server, and SQL Server. None of the fixe
2019-04-08
Published