Vulnerability Description
An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The update addresses the vulnerability by correcting the way in which the Windows Graphics Component handles objects in memory.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Office | 2019 |
| Microsoft | Windows 10 | - |
| Microsoft | Windows 7 | - |
| Microsoft | Windows 8.1 | - |
| Microsoft | Windows Rt 8.1 | - |
| Microsoft | Windows Server 2008 | - |
| Microsoft | Windows Server 2012 | - |
| Microsoft | Windows Server 2016 | - |
| Microsoft | Windows Server 2019 | - |
Related Weaknesses (CWE)
References
- http://packetstormsecurity.com/files/154098/Microsoft-Font-Subsetting-DLL-FixSbiThird Party AdvisoryVDB Entry
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1153PatchVendor Advisory
- http://packetstormsecurity.com/files/154098/Microsoft-Font-Subsetting-DLL-FixSbiThird Party AdvisoryVDB Entry
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1153PatchVendor Advisory
FAQ
What is CVE-2019-1153?
CVE-2019-1153 is a vulnerability with a CVSS score of 5.5 (MEDIUM). An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain...
How severe is CVE-2019-1153?
CVE-2019-1153 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-1153?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Office, Microsoft Windows 10, Microsoft Windows 7, Microsoft Windows 8.1, Microsoft Windows Rt 8.1.