CVE-2019-1094 — Sensitive Information Exposure in Microsoft Windows
Severity
6.5MEDIUMNVD
EPSS
12.4%
top 6.07%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJul 15
Latest updateMay 24
Description
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1095, CVE-2019-1098, CVE-2019-1099, CVE-2019-1100, CVE-2019-1101, CVE-2019-1116.
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6
Affected Packages20 packages
▶CVEListV5microsoft/windows7 for 32-bit Systems Service Pack 1, 7 for x64-based Systems Service Pack 1+1
Patches
🔴Vulnerability Details
7GHSA▶
GHSA-mmxr-cww4-8j7w: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Inform↗2022-05-24
GHSA▶
GHSA-7vf2-fhm2-7447: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Inform↗2022-05-24
GHSA▶
GHSA-p8h6-5v93-4m8j: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Inform↗2022-05-24
GHSA▶
GHSA-w629-hqm8-x7pj: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Inform↗2022-05-24
GHSA▶
GHSA-pf2v-jvm5-2q56: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Inform↗2022-05-24