Lucene search
KdotZDI-19-551HistoryJun 11, 2019 - 12:00 a.m.
Microsoft Windows gdiplus Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
2019-06-1100:00:00
kdot
www.zerodayinitiative.com
7
0.006 Low
EPSS
Percentile
77.9%
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of font files in the gdiplus library. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process.
Related
symantec
symantec
checkpoint_advisories
checkpoint_advisories
Microsoft Windows GDI Information Disclosure (CVE-2019-1009)
2021-04-29 00:00:00
mscve
mscve
Windows GDI Information Disclosure Vulnerability
2019-06-11 07:00:00
cve
cve
cvelist
cvelist
nvd
nvd
prion
prion
Information disclosure
2019-06-12 14:29:00
Information disclosure
2019-06-12 14:29:00
Information disclosure
2019-06-12 14:29:00
mskb
mskb
June 11, 2019âKB4503287 (Security-only update)
2019-06-11 07:00:00
June 11, 2019âKB4503269 (Security-only update)
2019-06-11 07:00:00
June 11, 2019âKB4503273 (Monthly Rollup)
2019-06-11 07:00:00
nessus
nessus
KB4503287: Windows Server 2008 June 2019 Security Update
2019-06-11 00:00:00
KB4503269: Windows 7 and Windows Server 2008 R2 June 2019 Security Update
2019-06-11 00:00:00
kaspersky
kaspersky
KLA11874 Multiple vulnerabilities in Microsoft Products (ESU)
2019-06-11 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4503292)
2019-06-12 00:00:00
talosblog
talosblog