CVE-2019-0853

A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'.

Published : 2019-04-09 21:29 Updated : 2019-04-15 12:31

9.3
CVSS Score More info
Score 9.3 / 10
9.3
Vendor Product Version URI
Microsoft Windows 10 - cpe:/o:microsoft:windows_10:-
Microsoft Windows 10 1607 cpe:/o:microsoft:windows_10:1607
Microsoft Windows 10 1703 cpe:/o:microsoft:windows_10:1703
Microsoft Windows 10 1709 cpe:/o:microsoft:windows_10:1709
Microsoft Windows 10 1803 cpe:/o:microsoft:windows_10:1803
Microsoft Windows 10 1809 cpe:/o:microsoft:windows_10:1809
Microsoft Windows 7 - cpe:/o:microsoft:windows_7:-:sp1
Microsoft Windows 8.1 - cpe:/o:microsoft:windows_8.1:-
Microsoft Windows Rt 8.1 - cpe:/o:microsoft:windows_rt_8.1:-
Microsoft Windows Server 2008 - cpe:/o:microsoft:windows_server_2008:-:sp2
Microsoft Windows Server 2008 r2 cpe:/o:microsoft:windows_server_2008:r2:sp1:~~~~itanium~
Microsoft Windows Server 2008 r2 cpe:/o:microsoft:windows_server_2008:r2:sp1:~~~~x64~
Microsoft Windows Server 2012 - cpe:/o:microsoft:windows_server_2012:-
Microsoft Windows Server 2012 r2 cpe:/o:microsoft:windows_server_2012:r2
Microsoft Windows Server 2016 - cpe:/o:microsoft:windows_server_2016:-
Microsoft Windows Server 2016 1709 cpe:/o:microsoft:windows_server_2016:1709
Microsoft Windows Server 2016 1803 cpe:/o:microsoft:windows_server_2016:1803
Microsoft Windows Server 2019 - cpe:/o:microsoft:windows_server_2019:-
  1. Microsoft (8) Search CVE
    1. Windows 10 (6) Search CVE
      1. -
      2. 1607
      3. 1703
      4. 1709
      5. 1803
      6. 1809
    2. Windows Server 2008 (2) Search CVE
      1. -
      2. R2
    3. Windows 7 (1) Search CVE
      1. -
    4. Windows Server 2012 (2) Search CVE
      1. -
      2. R2
    5. Windows 8.1 (1) Search CVE
      1. -
    6. Windows Rt 8.1 (1) Search CVE
      1. -
    7. Windows Server 2019 (1) Search CVE
      1. -
    8. Windows Server 2016 (3) Search CVE
      1. -
      2. 1709
      3. 1803

CWE

ID Name Description Links
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer. CVE

History of changes

Date Event
2019-04-15 12:31

New CVE