An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system.
There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document or by convincing a user to visit an untrusted webpage.
The update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: microsoft
Published: 2019-08-14T20:55:03
Updated: 2024-08-04T18:06:32.244Z
Reserved: 2018-11-26T00:00:00
Link: CVE-2019-1154
Vulnrichment
No data.
NVD
Status : Modified
Published: 2019-08-14T21:15:15.173
Modified: 2024-11-21T04:36:08.013
Link: CVE-2019-1154
Redhat
No data.