9.3
CVSSv2

CVE-2019-0888

Published: 12/06/2019 Updated: 12/06/2019
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 828
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Summary

Microsoft Windows could allow a remote malicious user to execute arbitrary code on the system, caused by improper handling of objects in memory by the ActiveX Data objects (ADO). By persuading a victim to open specially-crafted content, an attacker could exploit this vulnerability to execute arbitrary code on the system with privileges of the victim.

Vulnerability Trend

Github Repositories

CVE-2019-0888 PoC for CVE-2019-0888 - Use-After-Free in Windows ActiveX Data Objects (ADO)

Recent Articles

Microsoft Patch Tuesday – June 2019
Symantec Threat Intelligence Blog • Himanshu Mehta • 12 Jun 2019

This month the vendor has patched 88 vulnerabilities, 20 of which are rated Critical.

Posted: 12 Jun, 201931 Min ReadThreat Intelligence SubscribeFollowtwitterfacebooklinkedinMicrosoft Patch Tuesday – June 2019This month the vendor has patched 88 vulnerabilities, 20 of which are rated Critical.As always, customers are advised to follow these security best practices:


Install vendor patches as soon as they are available.
Run all software with the least privileges required while still mainta...