CVE-2019-1432

2019-11-1218:53:12

microsoft

www.cve.org

AI Score

7.3

Confidence

High

EPSS

0.116

Percentile

95.3%

JSON

An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory, aka ‘DirectWrite Information Disclosure Vulnerability’. This CVE ID is unique from CVE-2019-1411.

CNA Affected

[
  {
    "product": "Windows",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "7 for 32-bit Systems Service Pack 1"
      },
      {
        "status": "affected",
        "version": "7 for x64-based Systems Service Pack 1"
      },
      {
        "status": "affected",
        "version": "8.1 for 32-bit systems"
      },
      {
        "status": "affected",
        "version": "8.1 for x64-based systems"
      },
      {
        "status": "affected",
        "version": "RT 8.1"
      }
    ]
  },
  {
    "product": "Windows Server",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)"
      },
      {
        "status": "affected",
        "version": "2008 R2 for Itanium-Based Systems Service Pack 1"
      },
      {
        "status": "affected",
        "version": "2008 R2 for x64-based Systems Service Pack 1"
      },
      {
        "status": "affected",
        "version": "2008 for 32-bit Systems Service Pack 2 (Core installation)"
      },
      {
        "status": "affected",
        "version": "2012"
      },
      {
        "status": "affected",
        "version": "2012 (Core installation)"
      },
      {
        "status": "affected",
        "version": "2012 R2"
      },
      {
        "status": "affected",
        "version": "2012 R2 (Core installation)"
      },
      {
        "status": "affected",
        "version": "2008 for Itanium-Based Systems Service Pack 2"
      },
      {
        "status": "affected",
        "version": "2008 for 32-bit Systems Service Pack 2"
      },
      {
        "status": "affected",
        "version": "2008 for x64-based Systems Service Pack 2"
      },
      {
        "status": "affected",
        "version": "2008 for x64-based Systems Service Pack 2 (Core installation)"
      }
    ]
  }
]