CVE-2019-0808

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0797.

Published: Apr 9, 2019
Updated: Jul 26, 2024
CVE: CVE-2019-0808
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.8
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
microsoft / windows_server_2008	r2-sp1	r2-sp1.x
microsoft / windows_server_2008	--sp2	--sp2.x
microsoft / windows_7	--sp1	--sp1.x

http://packetstormsecurity.com/files/157616/Microsoft-Windows-NtUserMNDragOver-Local-Privilege-Escalation.html
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0808

Vulnerability Database

289,571

CVE-2019-0808