Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.8
CVSSv3

CVE-2019-1315

Published: 10/10/2019 Updated: 24/08/2020
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 642
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Microsoft

Vulnerability Summary

An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles hard links, aka 'Windows Error Reporting Manager Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1339, CVE-2019-1342.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft windows 10 1607

microsoft windows 10 1709

microsoft windows server 2008 -

microsoft windows server 2008 r2

microsoft windows server 2016 1903

microsoft windows 10 1809

microsoft windows 10 1903

microsoft windows 7 -

microsoft windows 8.1 -

microsoft windows server 2012 -

microsoft windows server 2012 r2

microsoft windows server 2016 -

microsoft windows server 2016 1803

microsoft windows 10 -

microsoft windows 10 1703

microsoft windows 10 1803

microsoft windows rt 8.1 -

microsoft windows server 2019 -

Github Repositories

https://github.com/sailay1996/SpoolTrigger

Weaponizing for privileged file writes bugs with PrintNotify Service

SpoolTrigger Weaponizing for privileged file writes bugs with PrintNotify Service Short Description: Imre Rad found this technique in the winspool service which can be triggered via clsid854a20fb-2d44-457d-992f-ef13785d2b51 by any user using OLEViewNET That service is not running by default and it's running as NT_AUTHORITY\SYSTEM When the service is start, it loads a dl

https://github.com/Mayter/CVE-2019-1315

Windows Error Reporting Manager arbitrary file move Elevation of Privilege Details: offsecalmondconsulting/windows-error-reporting-arbitrary-file-move-eophtml You will need the NtApiDotNet library to run it, as well as a valid Reportwer file, both to be placed in the same directory as the pocps1 script To generate a WER report file, you can run the [Environment]::

https://github.com/k-lfa/MSExploit

MSExploit SpoolSample Compiled from githubcom/leechristensen/SpoolSample Rubeus Compiled from githubcom/GhostPack/Rubeus Sharpup Compiled from githubcom/GhostPack/SharpUp Seatbelt Compiled from githubcom/GhostPack/Seatbelt CVE-2019-1315 Compiled from githubcom/AlmondOffSec/PoCs/tree/master/Windows_wermgr_eop Compiled from git

Recent Articles

Microsoft Patch Tuesday – October 2019
Symantec Threat Intelligence Blog • Ratheesh PM • 09 Oct 2024

This month the vendor has patched 59 vulnerabilities, 9 of which are rated Critical.

Posted: 9 Oct, 201918 Min ReadThreat Intelligence SubscribeFollowtwitterfacebooklinkedinMicrosoft Patch Tuesday – October 2019This month the vendor has patched 59 vulnerabilities, 9 of which are rated Critical.This month the vendor has patched 59 vulnerabilities, 9 of which are rated Critical. As always, customers are advised to follow these security best practices: Install vendor patches as soon as they are available. Run all soft...

Read more...

References

CWE-59https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1315https://nvd.nist.govhttps://github.com/sailay1996/SpoolTriggerhttps://www.symantec.com/blogs/threat-intelligence/microsoft-patch-tuesday-october-2019
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-2907hardcodedinjectCVE-2024-20359CVE-2024-2467CVE-2024-4077CVE-2024-22391cameraCVE-2024-20353
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook