CVE-2019-1175

An elevation of privilege vulnerability exists in the way that the psmsrv.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application. The security update addresses the vulnerability by ensuring the psmsrv.dll properly handles objects in memory.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*

History

21 Nov 2024, 04:36

Type Values Removed Values Added
References () https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1175 - Patch, Vendor Advisory () https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1175 - Patch, Vendor Advisory

03 Jul 2024, 01:35

Type Values Removed Values Added
CWE CWE-269

29 May 2024, 17:16

Type Values Removed Values Added
CVSS v2 : 4.6
v3 : 7.8
v2 : 4.6
v3 : 7.0
Summary (en) An elevation of privilege vulnerability exists in the way that the psmsrv.dll handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1173, CVE-2019-1174, CVE-2019-1177, CVE-2019-1178, CVE-2019-1179, CVE-2019-1180, CVE-2019-1184, CVE-2019-1186. (en) An elevation of privilege vulnerability exists in the way that the psmsrv.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application. The security update addresses the vulnerability by ensuring the psmsrv.dll properly handles objects in memory.

Information

Published : 2019-08-14 21:15

Updated : 2024-11-21 04:36


NVD link : CVE-2019-1175

Mitre link : CVE-2019-1175

CVE.ORG link : CVE-2019-1175


JSON object : View

Products Affected

microsoft

  • windows_server_2019
  • windows_10
  • windows_server_2016
CWE
NVD-CWE-noinfo CWE-269

Improper Privilege Management