New Search

Windows Graphics Component Elevation of Privilege Vulnerability - CVE-2019-1407

oval:org.cisecurity:def:6789

An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. In a local attack scenario an attacker could exploit this vulnerability by running a specially crafted application to take control over the affected system. The update addresses the vulnerability by correcting the way in which the Microsoft Graphics Component handles objects in memory and preventing unintended elevation from user mode.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows Server 2016
  • Microsoft Windows 10
  • Microsoft Windows Server 2012
  • Microsoft Windows Server 2008 R2
  • Microsoft Windows Server 2012 R2
  • Microsoft Windows Server 2008
  • Microsoft Windows 8.1
  • Microsoft Windows 7
Class:
vulnerability
Reference(s):
  • CVE-2019-1407
  • MSRC-CVE-2019-1407
  • KB4525233
  • KB4525239
  • KB4525253
  • KB4525250
  • KB4525232
  • KB4525236
  • KB4525241
  • KB4525237
Product(s):