CVE-2019-1358
published 2019-10-10CVE-2019-1358: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code…
PriorityP353high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
EPSS
76.45%
99.5th percentile
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1359.
Affected
66 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Vulnerability is triggered when a victim opens a specially crafted file targeting the Windows Jet Database Engine; monitor for suspicious file opens involving JET/MDB file types from untrusted sources. ↗
- →The vulnerable component is the Microsoft JET Database Engine (msjet*.dll); monitor for memory corruption or anomalous process behavior originating from JET database engine processing. ↗
- ·Exploit status at time of advisory: not publicly disclosed and not exploited in the wild; exploitation assessed as 'Less Likely' for both latest and older software releases. ↗
- ·Active Directory and Exchange Server are explicitly confirmed as NOT affected by this vulnerability. ↗
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
vendor_msrc7.8HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Microsoft
Jet Database Engine Remote Code Execution Vulnerability
vendor_msrc·2019-10-08·CVSS 7.8
CVE-2019-1358 [HIGH] Jet Database Engine Remote Code Execution Vulnerability
Jet Database Engine Remote Code Execution Vulnerability
Description: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.
An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file.
The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory.
FAQ: Are Active Directory and Exchange Server affected by this vulnerability?
No, Active Directory and Exchange Server are not affected.
Microsoft JET Database Engine: Microsoft JET Database Engine
Microsoft: Microsoft
Customer Action Required: Yes
Impact: Remote Code Execution
GHSA
GHSA-g9j8-p73p-mqrw: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remot
ghsa_unreviewed·2022-05-24·CVSS 7.8
CVE-2019-1359 [HIGH] GHSA-g9j8-p73p-mqrw: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remot
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1358.
GHSA
GHSA-fhxm-64hr-g7jv: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remot
ghsa_unreviewed·2022-05-24·CVSS 7.8
CVE-2019-1358 [HIGH] GHSA-fhxm-64hr-g7jv: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remot
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1359.
No detection rules found.
No public exploits indexed.
Trendmicro
November Patch Tuesday: 74 Fixes Before Major Update
blogs_trendmicro·2019-11-13·CVSS 9.1
[CRITICAL] November Patch Tuesday: 74 Fixes Before Major Update
Exploits & Vulnerabilities
# November Patch Tuesday: 74 Fixes Before Major Update
November Patch Tuesday holds a total of 74 patches, with 13 classified as Critical for remote code execution (RCE) flaws. The remaining majority were rated as Important and included patches for graphics components and SharePoint, among others.
By: Trend Micro
2019/11/13
Read time: ( words)
Save to Folio
Following the relatively light list from last month, November proved to be a much more eventful month for Microsoft users. The November Patch Tuesday holds more fixes with a total of 74 patches, 13 of which were classified as Critical patches for remote code execution (RCE) vulnerabilities. The remaining majority were rated as Important and included patches for Windows graphics components and Microsoft S
Trendmicro
November Patch Tuesday: 74 Fixes Before Major Update
blogs_trendmicro·2019-11-13·CVSS 9.1
[CRITICAL] November Patch Tuesday: 74 Fixes Before Major Update
# November Patch Tuesday: 74 Fixes Before Major Update
November Patch Tuesday holds a total of 74 patches, with 13 classified as Critical for remote code execution (RCE) flaws. The remaining majority were rated as Important and included patches for graphics components and SharePoint, among others.
By: Trend Micro
Nov 13, 2019
Read time: ( words)
Save to Folio
Following the relatively light list from last month, November proved to be a much more eventful month for Microsoft users. The November Patch Tuesday holds more fixes with a total of 74 patches, 13 of which were classified as Critical patches for remote code execution (RCE) vulnerabilities. The remaining majority were rated as Important and included patches for Windows graphics components and Microsoft SharePoint, among others. T
Talos
Microsoft Patch Tuesday — Oct. 2019: Vulnerability disclosures and Snort coverage
blogs_talos·2019-10-08·CVSS 6.4
[MEDIUM] Microsoft Patch Tuesday — Oct. 2019: Vulnerability disclosures and Snort coverage
By Jon Munshaw.
Microsoft released its monthly security update today, disclosing a variety of vulnerabilities in several of its products. The latest Patch Tuesday discloses 60 vulnerabilities, nine of which are considered "critical," with the rest being deemed "important."
This month’s security update covers security issues in a variety of Microsoft services and software, the Chakra Scripting Engine, the Windows operating system and the SharePoint software.
Talos also released a new set of SNORTⓇ rules that provide coverage for some of these vulnerabilities. For more, check out the Snort blog post here.
### Critical vulnerabilities Microsoft disclosed nine critical vulnerabilities this month, eight of which we will highlight below.
CVE-2019-1333 is a client-side remote execution vulne
Talos
Microsoft Patch Tuesday — Oct. 2019: Vulnerability disclosures and Snort coverage
blogs_talos·2019-10-08·CVSS 6.4
[MEDIUM] Microsoft Patch Tuesday — Oct. 2019: Vulnerability disclosures and Snort coverage
## Microsoft Patch Tuesday — Oct. 2019: Vulnerability disclosures and Snort coverage
By Jon Munshaw.
Microsoft released its monthly security update today, disclosing a variety of vulnerabilities in several of its products. The latest Patch Tuesday discloses 60 vulnerabilities, nine of which are considered "critical," with the rest being deemed "important."
This month’s security update covers security issues in a variety of Microsoft services and software, the Chakra Scripting Engine, the Windows operating system and the SharePoint software.
Talos also released a new set of SNORTⓇ rules that provide coverage for some of these vulnerabilities. For more, check out the Snort blog post here .
## Critical vulnerabilities Microsoft disclosed nine critical vulnerabilities this month, eight of
2019-10-10
Published