CVE-2019-1430Microsoft Windows 10 Version 1903 FOR 32-bit Systems vulnerability

8 documents5 sources
Severity
7.8HIGHNVD
EPSS
33.7%
top 3.04%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
9
Microsoft Windows 10 Version 1903 FOR 32-bit SystemsMicrosoft Windows 10 Version 1903 FOR Arm64-based SystemsMicrosoft Windows 10 Version 1903 FOR X64-based Systems+6 more
Timeline
PublishedNov 12
Latest updateMay 24

Description

A remote code execution vulnerability exists when Windows Media Foundation improperly parses specially crafted QuickTime media files.An attacker who successfully exploited this vulnerability could gain the same user rights as the local user, aka 'Microsoft Windows Media Foundation Remote Code Execution Vulnerability'.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages9 packages

Patches

Patch: portal.msrc.microsoft.comPatch: portal.msrc.microsoft.com

🔴Vulnerability Details

1
GHSA
GHSA-63qr-q2fr-xr46: A remote code execution vulnerability exists when Windows Media Foundation improperly parses specially crafted QuickTime media files2022-05-24

📋Vendor Advisories

1
Microsoft
Microsoft Windows Media Foundation Remote Code Execution Vulnerability2019-11-12

🕵️Threat Intelligence

4
Talos
Vulnerability Spotlight: Remote code execution vulnerability in Microsoft Media Foundation2019-11-12
Talos
Microsoft Patch Tuesday — Nov. 2019: Vulnerability disclosures and Snort coverage2019-11-12
Talos
Microsoft Patch Tuesday — Nov. 2019: Vulnerability disclosures and Snort coverage2019-11-12
Talos
Vulnerability Spotlight: Remote code execution vulnerability in Microsoft Media Foundation2019-11-12
CVE-2019-1430 — Microsoft vulnerability | cvebase