CVE-2019-1246

4 documents4 sources
Severity
7.8HIGH
EPSS
35.5%
top 2.94%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
12
Microsoft Microsoft OfficeMicrosoft Office 365 ProplusMicrosoft Windows+9 more
Timeline
PublishedSep 11
Latest updateMay 24

Description

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1240, CVE-2019-1241, CVE-2019-1242, CVE-2019-1243, CVE-2019-1247, CVE-2019-1248, CVE-2019-1249, CVE-2019-1250.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages10 packages

CVEListV5microsoft/windows20 versions+19
NVDmicrosoft/windowsr2, 1803, 1903+2
NVDmicrosoft/windows_106 versions+5
CVEListV5microsoft/windows_server17 versions+16

Patches

Patch: portal.msrc.microsoft.comPatch: portal.msrc.microsoft.com

🔴Vulnerability Details

2
GHSA
GHSA-5qqm-ghmq-h9vw: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remot2022-05-24
CVEList
CVE-2019-1246: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remot2019-09-11

📋Vendor Advisories

1
Microsoft
Jet Database Engine Remote Code Execution Vulnerability2019-09-10
CVE-2019-1246 (HIGH CVSS 7.8) | A remote code execution vulnerabili | cvebase.io