Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.1
CVSSv2

CVE-2019-1347

Published: 10/10/2019 Updated: 24/08/2020
CVSS v2 Base Score: 7.1 | Impact Score: 6.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
VMScore: 715
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C
Subscribe to Microsoft

Vulnerability Summary

A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-1343, CVE-2019-1346.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft windows 10 1607

microsoft windows 10 1903

microsoft windows rt 8.1 -

microsoft windows 10 1703

microsoft windows 10 1709

microsoft windows 10 1803

microsoft windows 10 1809

microsoft windows server 2016 -

microsoft windows server 2016 1803

microsoft windows server 2016 1903

microsoft windows server 2019 -

microsoft windows 10 -

microsoft windows 8.1 -

microsoft windows server 2012 r2

Exploits

Exploit DB: Windows Kernel - Out-of-Bounds Read in nt!MiRelocateImage While Parsing Malformed PE File
We have encountered a Windows kernel crash in memcpy() called by nt!MiRelocateImage while trying to load a malformed PE image into the process address space as a data file (ie LoadLibraryEx(LOAD_LIBRARY_AS_DATAFILE | LOAD_LIBRARY_AS_IMAGE_RESOURCE)) An example crash log generated after triggering the bug is shown below: --- cut --- *** Fatal Sy ...

Recent Articles

Microsoft Patch Tuesday – October 2019
Symantec Threat Intelligence Blog • Ratheesh PM • 09 Oct 2024

This month the vendor has patched 59 vulnerabilities, 9 of which are rated Critical.

Posted: 9 Oct, 201918 Min ReadThreat Intelligence SubscribeFollowtwitterfacebooklinkedinMicrosoft Patch Tuesday – October 2019This month the vendor has patched 59 vulnerabilities, 9 of which are rated Critical.This month the vendor has patched 59 vulnerabilities, 9 of which are rated Critical. As always, customers are advised to follow these security best practices: Install vendor patches as soon as they are available. Run all soft...

Read more...

References

CWE-125https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1347http://packetstormsecurity.com/files/154802/Microsoft-Windows-Kernel-nt-MiRelocateImage-Out-Of-Bounds-Read.htmlhttps://nvd.nist.govhttps://www.exploit-db.com/exploits/47489
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserializationCVE-2024-4040cross-site scriptingCVE-2023-25790CVE-2024-2961XML external entityCVE-2024-26926CVE-2024-32806CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook