CVSS: 9.3EPSS: 1%CPEs: 25EXPL: 0CVE-2019-1155 – Jet Database Engine Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-1155
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. Existe una vulnerabilidad de ejecución de código remota cuando el Motor de Base de Datos Jet de Windows maneja inapropiadamente los objetos en la memoria, también se conoce como "Jet Database Engine Remote Code Execution Vulnerability". El ID de este CVE es diferente de CVE-2019-1146, CVE-2019-1147, CVE-2019-1156, CVE-2019-1157. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1155 •
CVSS: 9.3EPSS: 1%CPEs: 19EXPL: 0CVE-2019-1147 – Jet Database Engine Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-1147
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. Existe una vulnerabilidad de ejecución de código remota cuando el Motor de Base de Datos Jet de Windows maneja inapropiadamente los objetos en la memoria, también se conoce como "Jet Database Engine Remote Code Execution Vulnerability". El ID de este CVE es diferente de CVE-2019-1146, CVE-2019-1155, CVE-2019-1156, CVE-2019-1157. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1147 •
CVSS: 5.5EPSS: 0%CPEs: 20EXPL: 1CVE-2019-1148 – Microsoft Graphics Component Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2019-1148
An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The update addresses the vulnerability by correcting the way in which the Windows Graphics Component handles objects in memory. Existe una vulnerabilidad de divulgación de información cuando el Componente Graphics de Microsoft Windows maneja inapropiadamente los objetos en la memoria, también se conoce como "Microsoft Graphics Component Information Disclosure Vulnerability". El ID de este CVE es diferente de CVE-2019-1078, CVE-2019-1153. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Windows. • https://www.exploit-db.com/exploits/47262 http://packetstormsecurity.com/files/154084/Microsoft-Font-Subsetting-DLL-GetGlyphId-Out-Of-Bounds-Read.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1148 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 19EXPL: 0CVE-2019-1143 – Windows Graphics Component Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2019-1143
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document or by convincing a user to visit an untrusted webpage. The update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. Existe una vulnerabilidad de divulgación de información cuando el componente GDI de Windows divulga inapropiadamente el contenido de su memoria, también se conoce como "Windows Graphics Component Information Disclosure Vulnerability". El ID de este CVE es diferente de CVE-2019-1154, CVE-2019-1158. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Windows. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1143 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 1%CPEs: 19EXPL: 0CVE-2019-1146 – Jet Database Engine Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-1146
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory. Existe una vulnerabilidad de ejecución de código remota cuando el Motor de Base de Datos Jet de Windows maneja inapropiadamente los objetos en la memoria, también se conoce como "Jet Database Engine Remote Code Execution Vulnerability". El ID de este CVE es diferente de CVE-2019-1147, CVE-2019-1155, CVE-2019-1156, CVE-2019-1157. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1146 •