Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).
CVE-2019-1117 — Windows Server 2019 vulnerability
24 documents5 sources
Severity
8.8HIGHNVD
EPSS
39.1%
top 2.71%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
Timeline
PublishedJul 15
Latest updateMay 24
Description
A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1121, CVE-2019-1122, CVE-2019-1123, CVE-2019-1124, CVE-2019-1127, CVE-2019-1128.
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9
Affected Packages22 packages
▶CVEListV5microsoft/windows_server2019, 2019 (Core installation), version 1803 (Core Installation)+2
Patches
🔴Vulnerability Details
10GHSA▶
GHSA-229f-hv2p-3mxc: A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerabili↗2022-05-24
GHSA▶
GHSA-q2ww-4p89-22gg: A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerabili↗2022-05-24
GHSA▶
GHSA-j839-xpjx-4gm7: A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerabili↗2022-05-24
GHSA▶
GHSA-34cj-gvj6-2422: A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerabili↗2022-05-24
GHSA▶
GHSA-mv4v-p439-fv5j: A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerabili↗2022-05-24
💥Exploits & PoCs
1Exploit-DB▶
Microsoft DirectWrite / AFDKO - Stack Corruption in OpenType Font Handling due to Out-of-Bounds cubeStackDepth↗2019-07-10