CVE-2019-0837Sensitive Information Exposure in Microsoft Windows

3 documents3 sources
Severity
5.5MEDIUMNVD
EPSS
0.7%
top 27.16%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
14
Microsoft WindowsMicrosoft Windows ServerMicrosoft Windows 10+11 more
Timeline
PublishedApr 9
Latest updateMay 13

Description

An information disclosure vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Information Disclosure Vulnerability'.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages14 packages

CVEListV5microsoft/windows8 versions+7
NVDmicrosoft/windows1709, 1803+1
NVDmicrosoft/windows_101703, 1709, 1803+2
CVEListV5microsoft/windows_serverversion 1709 (Core Installation), version 1803 (Core Installation)+1

Patches

Patch: portal.msrc.microsoft.comPatch: portal.msrc.microsoft.com

🔴Vulnerability Details

1
GHSA
GHSA-pg3x-xr3j-9vv7: An information disclosure vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Information Disclosure Vulnerability'2022-05-13

📋Vendor Advisories

1
Microsoft
DirectX Information Disclosure Vulnerability2019-04-09
CVE-2019-0837 — Sensitive Information Exposure | cvebase