CVE-2019-0702Improper Initialization in Microsoft Windows

CWE-665Improper Initialization11 documents3 sources
Severity
5.5MEDIUMNVD
NVD4.7
EPSS
0.7%
top 27.16%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
22
Microsoft WindowsMicrosoft Windows ServerMicrosoft Windows 10+19 more
Timeline
PublishedApr 9
Latest updateMay 13

Description

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0755, CVE-2019-0767, CVE-2019-0775, CVE-2019-0782.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages20 packages

CVEListV5microsoft/windows14 versions+13

Patches

Patch: portal.msrc.microsoft.comPatch: portal.msrc.microsoft.com

🔴Vulnerability Details

5
GHSA
GHSA-39w9-j3qh-wmx9: An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, aka 'Windows Kernel Information2022-05-13
GHSA
GHSA-f26g-rgwg-4vxw: An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory2022-05-13
GHSA
GHSA-v3pc-4334-h2v7: An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosur2022-05-13
GHSA
GHSA-xp23-4cw6-346h: An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosur2022-05-13
GHSA
GHSA-m68c-mfwr-9xpc: An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosur2022-05-13

📋Vendor Advisories

1
Microsoft
Windows Kernel Information Disclosure Vulnerability2019-03-12
CVE-2019-0702 — Improper Initialization in Microsoft | cvebase