CVE-2019-0661Improper Initialization in Microsoft Windows

CWE-665Improper Initialization7 documents3 sources
Severity
5.5MEDIUMNVD
EPSS
0.4%
top 38.49%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
14
Microsoft WindowsMicrosoft Windows ServerMicrosoft Windows 10+11 more
Timeline
PublishedMar 5
Latest updateMay 13

Description

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0621, CVE-2019-0663.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages12 packages

CVEListV5microsoft/windows14 versions+13
NVDmicrosoft/windowsr2, 1709, 1803+2
NVDmicrosoft/windows_105 versions+4
CVEListV5microsoft/windows_server10 versions+9

Patches

Patch: portal.msrc.microsoft.comPatch: portal.msrc.microsoft.com

🔴Vulnerability Details

3
GHSA
GHSA-6fxj-cg6g-qp5h: An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosur2022-05-13
GHSA
GHSA-22xr-27f6-p2cr: An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosur2022-05-13
GHSA
GHSA-x38j-838v-5wq3: An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory2022-05-13

📋Vendor Advisories

1
Microsoft
Windows Kernel Information Disclosure Vulnerability2019-02-12