CVE-2019-0856
published 2019-04-09CVE-2019-0856: A remote code execution vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Remote Code Execution Vulnerability'.
PriorityP351high7.2CVSS 3.0
AVNACLPRHUINSUCHIHAH
EPSS
18.44%
96.9th percentile
A remote code execution vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Remote Code Execution Vulnerability'.
Affected
63 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
CVSS provenance
nvdv3.07.2HIGHCVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
nvdv2.09.0CRITICALAV:N/AC:L/Au:S/C:C/I:C/A:C
vendor_msrc6.6MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-p4gp-mjm2-2fgp: A remote code execution vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Remote Code Execution Vulnerability'
ghsa_unreviewed·2022-05-13
CVE-2019-0856 [HIGH] GHSA-p4gp-mjm2-2fgp: A remote code execution vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Remote Code Execution Vulnerability'
A remote code execution vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Remote Code Execution Vulnerability'.
Microsoft
Windows Remote Code Execution Vulnerability
vendor_msrc·2019-04-09·CVSS 6.6
CVE-2019-0856 [HIGH] Windows Remote Code Execution Vulnerability
Windows Remote Code Execution Vulnerability
Description: A remote code execution vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could take control of an affected system.
To exploit the vulnerability, an authenticated attacker could connect via the Windows Remote Registry Service, causing Windows to execute arbitrary code.
The security update addresses the vulnerability by correcting how Windows handles objects in memory.
Windows Kernel: Windows Kernel
Impact: Remote Code Execution
Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely
Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4493474
No detection rules found.
No public exploits indexed.
2019-04-09
Published