Published: 10/10/2019 Updated: 21/07/2021

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 5.9 | Impact Score: 3.6 | Exploitability Score: 2.2

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

A security feature bypass vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLMv2 protection if a client is also sending LMv2 responses, aka 'Windows NTLM Security Feature Bypass Vulnerability'.

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft windows 7 -
microsoft windows server 2008 -
microsoft windows server 2008 r2

Study notes on Windows NTLM Reflection and token stealing based EOPs.

Awesome Windows Potatoes Study notes on Windows NTLM Reflection and token stealing based EOPs Misc RPC/Microsoft RPC/MSRPC (Microsoft Remote Procedure Call) -- is a modified version of DCE/RPC Additions include partial support for UCS-2 (but not Unicode) strings, implicit handles, and complex calculations in the variable-length string and structure paradigms already pre

Microsoft Patch Tuesday – October 2019

Symantec Threat Intelligence Blog • Ratheesh PM • 09 Oct 2024

This month the vendor has patched 59 vulnerabilities, 9 of which are rated Critical.

Posted: 9 Oct, 201918 Min ReadThreat Intelligence SubscribeFollowtwitterfacebooklinkedinMicrosoft Patch Tuesday – October 2019This month the vendor has patched 59 vulnerabilities, 9 of which are rated Critical.This month the vendor has patched 59 vulnerabilities, 9 of which are rated Critical. As always, customers are advised to follow these security best practices: Install vendor patches as soon as they are available. Run all soft...

CVE-2019-1338

Vulnerability Summary

Vulnerability Trend

Github Repositories

Recent Articles

References

Vulmon Search

About

Products

Connect