Published: 10/10/2019 Updated: 24/08/2020

CVSS v2 Base Score: 9 | Impact Score: 10 | Exploitability Score: 8

CVSS v3 Base Score: 9.9 | Impact Score: 6 | Exploitability Score: 3.1

VMScore: 801

Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

An elevation of privilege vulnerability exists when Microsoft IIS Server fails to check the length of a buffer prior to copying memory to it.An attacker who successfully exploited this vulnerability can allow an unprivileged function ran by the user to execute code in the context of NT AUTHORITY\system escaping the Sandbox.The security update addresses the vulnerability by correcting how Microsoft IIS Server sanitizes web requests., aka 'Microsoft IIS Server Elevation of Privilege Vulnerability'.

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft windows 7 -
microsoft windows 8.1 -
microsoft windows rt 8.1 -
microsoft windows 10 1607
microsoft windows 10 1809
microsoft windows server 2008 -
microsoft windows server 2016 -
microsoft windows server 2016 1903
microsoft windows server 2008 r2
microsoft windows server 2012 -
microsoft windows server 2012 r2
microsoft windows 10 1803
microsoft windows 10 1903
microsoft windows server 2016 1803
microsoft windows server 2019 -

Microsoft Patch Tuesday – October 2019

Symantec Threat Intelligence Blog • Ratheesh PM • 09 Oct 2024

This month the vendor has patched 59 vulnerabilities, 9 of which are rated Critical.

Posted: 9 Oct, 201918 Min ReadThreat Intelligence SubscribeFollowtwitterfacebooklinkedinMicrosoft Patch Tuesday – October 2019This month the vendor has patched 59 vulnerabilities, 9 of which are rated Critical.This month the vendor has patched 59 vulnerabilities, 9 of which are rated Critical. As always, customers are advised to follow these security best practices: Install vendor patches as soon as they are available. Run all soft...

CVE-2019-1365

Vulnerability Summary

Vulnerability Trend

Recent Articles

References

Vulmon Search

About

Products

Connect