New Search

Windows SMB Information Disclosure Vulnerability - CVE-2019-0703

oval:org.cisecurity:def:6631

An information disclosure vulnerability exists in the way that the Windows SMB Server handles certain requests. An authenticated attacker who successfully exploited this vulnerability could craft a special packet which could lead to information disclosure from the server. To exploit the vulnerability an attacker would have to be able to authenticate and send SMB messages to an impacted Windows SMB Server The security update addresses the vulnerability by correcting how Windows SMB Server handles authenticated requests.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows Server 2008 R2
  • Microsoft Windows 10
  • Microsoft Windows 7
  • Microsoft Windows Server 2008
  • Microsoft Windows Server 2016
  • Microsoft Windows 8.1
  • Microsoft Windows Server 2019
  • Microsoft Windows Server 2012 R2
  • Microsoft Windows Server 2012
Class:
vulnerability
Reference(s):
  • CVE-2019-0703
  • MSRC-CVE-2019-0703
  • KB4489885
  • KB4489876
  • KB4489884
  • KB4489883
  • KB4489872
  • KB4489882
  • KB4489871
  • KB4489886
  • KB4489868
  • KB4489899
Product(s):