CVE Vulnerabilities

CVE-2019-1415

Published: Nov 12, 2019 | Modified: Aug 24, 2020
CVSS 3.x
7.8
HIGH
Source:
NVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVSS 2.x
4.6 MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations.To exploit the vulnerability, an attacker would require unprivileged execution on the victim system, aka Windows Installer Elevation of Privilege Vulnerability.

Affected Software

Name Vendor Start Version End Version
Windows_10 Microsoft - (including) - (including)
Windows_10 Microsoft 1607 (including) 1607 (including)
Windows_10 Microsoft 1709 (including) 1709 (including)
Windows_10 Microsoft 1803 (including) 1803 (including)
Windows_10 Microsoft 1809 (including) 1809 (including)
Windows_10 Microsoft 1903 (including) 1903 (including)
Windows_7 Microsoft –sp1 (including) –sp1 (including)
Windows_8.1 Microsoft - (including) - (including)
Windows_rt_8.1 Microsoft - (including) - (including)
Windows_server_2008 Microsoft –sp2 (including) –sp2 (including)
Windows_server_2008 Microsoft r2-sp1 (including) r2-sp1 (including)
Windows_server_2012 Microsoft - (including) - (including)
Windows_server_2012 Microsoft r2 (including) r2 (including)
Windows_server_2016 Microsoft - (including) - (including)
Windows_server_2016 Microsoft 1803 (including) 1803 (including)
Windows_server_2016 Microsoft 1903 (including) 1903 (including)
Windows_server_2019 Microsoft - (including) - (including)

References