CVE-2019-1458 | Vulnerability Database | Aqua Security

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka Win32k Elevation of Privilege Vulnerability.

Affected Software

Name	Vendor	Start Version	End Version
Windows_10_1507	Microsoft	- (including)	- (including)
Windows_10_1607	Microsoft	- (including)	- (including)
Windows_7	Microsoft	–sp1 (including)	–sp1 (including)
Windows_8.1	Microsoft	- (including)	- (including)
Windows_rt_8.1	Microsoft	- (including)	- (including)
Windows_server_2008	Microsoft	–sp2 (including)	–sp2 (including)
Windows_server_2008	Microsoft	r2-sp1 (including)	r2-sp1 (including)
Windows_server_2012	Microsoft	- (including)	- (including)
Windows_server_2012	Microsoft	r2 (including)	r2 (including)
Windows_server_2016	Microsoft	- (including)	- (including)

References

http://packetstormsecurity.com/files/156651/Microsoft-Windows-WizardOpium-Local-Privilege-Escalation.html
http://packetstormsecurity.com/files/159569/Microsoft-Windows-Uninitialized-Variable-Local-Privilege-Escalation.html
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1458
http://packetstormsecurity.com/files/156651/Microsoft-Windows-WizardOpium-Local-Privilege-Escalation.html
http://packetstormsecurity.com/files/159569/Microsoft-Windows-Uninitialized-Variable-Local-Privilege-Escalation.html
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1458

NVD	https://nvd.nist.gov/vuln/detail/CVE-2019-1458
CWE	https://cwe.mitre.org/data/definitions/.html