New Search

Remote Desktop Protocol Client Information Disclosure Vulnerability - CVE-2019-1108

oval:org.cisecurity:def:6577

An information disclosure vulnerability exists when the Windows RDP client improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability an attacker would have to connect remotely to an affected system and run a specially crafted application. The security update addresses the vulnerability by correcting how the Windows RDP client initializes memory.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows Server 2016
  • Microsoft Windows 10
  • Microsoft Windows Server 2012
  • Microsoft Windows Server 2008 R2
  • Microsoft Windows Server 2012 R2
  • Microsoft Windows Server 2008
  • Microsoft Windows 8.1
  • Microsoft Windows 7
  • Microsoft Windows Server 2019
Class:
vulnerability
Reference(s):
  • CVE-2019-1108
  • MSRC-CVE-2019-1108
  • KB4507456
  • KB4507461
  • KB4507464
  • KB4507457
  • KB4507458
  • KB4507460
  • KB4507450
  • KB4507455
  • KB4507435
  • KB4507469
  • KB4507453
Product(s):