July 2019 Security Updates
Description | |||||||
---|---|---|---|---|---|---|---|
CVE | Disclosed | Exploited | Exploitability (old versions) | current version | Severity | CVSS Base (AVG) | CVSS Temporal (AVG) |
.NET Denial of Service Vulnerability | |||||||
%%cve:2019-1083%% | No | No | Less Likely | Less Likely | Important | ||
.NET Framework Remote Code Execution Vulnerability | |||||||
%%cve:2019-1113%% | No | No | More Likely | More Likely | Critical | ||
ADFS Security Feature Bypass Vulnerability | |||||||
%%cve:2019-0975%% | No | No | Less Likely | Less Likely | Important | 4.3 | 3.9 |
%%cve:2019-1126%% | No | No | Less Likely | Less Likely | Important | 5.3 | 4.8 |
ASP.NET Core Spoofing Vulnerability | |||||||
%%cve:2019-1075%% | No | No | Less Likely | Less Likely | Moderate | ||
Azure Automation Elevation of Privilege Vulnerability | |||||||
%%cve:2019-0962%% | Yes | No | Less Likely | Less Likely | Important | ||
Azure DevOps Server and Team Foundation Server Remote Code Execution Vulnerability | |||||||
%%cve:2019-1072%% | No | No | Less Likely | Less Likely | Critical | ||
Chakra Scripting Engine Memory Corruption Vulnerability | |||||||
%%cve:2019-1062%% | No | No | – | – | Critical | 4.2 | 3.8 |
%%cve:2019-1092%% | No | No | – | – | Critical | 4.2 | 3.8 |
%%cve:2019-1103%% | No | No | – | – | Critical | 4.2 | 3.8 |
%%cve:2019-1106%% | No | No | – | – | Critical | 4.2 | 3.8 |
%%cve:2019-1107%% | No | No | – | – | Critical | 4.2 | 3.8 |
DirectWrite Information Disclosure Vulnerability | |||||||
%%cve:2019-1093%% | No | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
%%cve:2019-1097%% | No | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
DirectWrite Remote Code Execution Vulnerability | |||||||
%%cve:2019-1117%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
%%cve:2019-1118%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
%%cve:2019-1119%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
%%cve:2019-1120%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
%%cve:2019-1121%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
%%cve:2019-1122%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
%%cve:2019-1123%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
%%cve:2019-1124%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
%%cve:2019-1127%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
%%cve:2019-1128%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
DirectX Elevation of Privilege Vulnerability | |||||||
%%cve:2019-0999%% | No | No | – | – | Important | 7.8 | 7.0 |
Docker Elevation of Privilege Vulnerability | |||||||
%%cve:2018-15664%% | Yes | No | Less Likely | Less Likely | Important | ||
GDI+ Remote Code Execution Vulnerability | |||||||
%%cve:2019-1102%% | No | No | Less Likely | Less Likely | Critical | 8.4 | 7.6 |
Internet Explorer Memory Corruption Vulnerability | |||||||
%%cve:2019-1063%% | No | No | More Likely | More Likely | Critical | 6.4 | 5.8 |
Latest Servicing Stack Updates | |||||||
ADV990001 | No | No | – | – | Critical | ||
Microsoft Browser Memory Corruption Vulnerability | |||||||
%%cve:2019-1104%% | No | No | More Likely | More Likely | Critical | 6.4 | 5.8 |
Microsoft Excel Information Disclosure Vulnerability | |||||||
%%cve:2019-1112%% | No | No | More Likely | More Likely | Important | ||
Microsoft Excel Remote Code Execution Vulnerability | |||||||
%%cve:2019-1110%% | No | No | Less Likely | Less Likely | Important | ||
%%cve:2019-1111%% | No | No | Less Likely | Less Likely | Important | ||
Microsoft Exchange Information Disclosure Vulnerability | |||||||
%%cve:2019-1084%% | No | No | Less Likely | Less Likely | Important | ||
Microsoft Exchange Server Elevation of Privilege Vulnerability | |||||||
%%cve:2019-1136%% | No | No | Less Likely | Less Likely | Important | ||
Microsoft Exchange Server Spoofing Vulnerability | |||||||
%%cve:2019-1137%% | No | No | Less Likely | Less Likely | Important | ||
Microsoft Office SharePoint XSS Vulnerability | |||||||
%%cve:2019-1134%% | No | No | Less Likely | Less Likely | Important | ||
Microsoft Office Spoofing Vulnerability | |||||||
%%cve:2019-1109%% | No | No | Less Likely | Less Likely | Important | ||
Microsoft SQL Server Remote Code Execution Vulnerability | |||||||
%%cve:2019-1068%% | Yes | No | Less Likely | Less Likely | Important | ||
Microsoft Windows Elevation of Privilege Vulnerability | |||||||
%%cve:2019-1074%% | No | No | More Likely | More Likely | Important | 5.3 | 5.3 |
%%cve:2019-1082%% | No | No | – | – | Important | 7.7 | 7.7 |
Microsoft splwow64 Elevation of Privilege Vulnerability | |||||||
%%cve:2019-0880%% | No | Yes | Detected | More Likely | Important | 7.0 | 6.3 |
Microsoft unistore.dll Information Disclosure Vulnerability | |||||||
%%cve:2019-1091%% | No | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
Outlook on the web Cross-Site Scripting Vulnerability | |||||||
ADV190021 | No | No | – | – | Important | ||
Remote Desktop Protocol Client Information Disclosure Vulnerability | |||||||
%%cve:2019-1108%% | No | No | More Likely | More Likely | Important | 6.5 | 5.9 |
Remote Desktop Services Remote Code Execution Vulnerability | |||||||
%%cve:2019-0887%% | Yes | No | More Likely | More Likely | Important | 8.0 | 7.2 |
Scripting Engine Memory Corruption Vulnerability | |||||||
%%cve:2019-1056%% | No | No | – | – | Critical | 6.4 | 5.8 |
%%cve:2019-1059%% | No | No | Less Likely | Less Likely | Critical | 6.4 | 5.8 |
%%cve:2019-1001%% | No | No | More Likely | More Likely | Critical | 6.4 | 5.8 |
%%cve:2019-1004%% | No | No | More Likely | More Likely | Critical | 6.4 | 5.8 |
SymCrypt Denial of Service Vulnerability | |||||||
%%cve:2019-0865%% | Yes | No | Less Likely | Less Likely | Important | 7.5 | 6.7 |
Team Foundation Server Cross-site Scripting Vulnerability | |||||||
%%cve:2019-1076%% | No | No | Less Likely | Less Likely | Important | ||
Visual Studio Elevation of Privilege Vulnerability | |||||||
%%cve:2019-1077%% | No | No | Less Likely | Less Likely | Important | ||
Visual Studio Information Disclosure Vulnerability | |||||||
%%cve:2019-1079%% | No | No | Less Likely | Less Likely | Important | ||
WCF/WIF SAML Token Authentication Bypass Vulnerability | |||||||
%%cve:2019-1006%% | No | No | Less Likely | Less Likely | Important | ||
Win32k Elevation of Privilege Vulnerability | |||||||
%%cve:2019-1132%% | No | Yes | – | – | Important | 7.8 | 7.2 |
Win32k Information Disclosure Vulnerability | |||||||
%%cve:2019-1096%% | No | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
Windows Audio Service Elevation of Privilege Vulnerability | |||||||
%%cve:2019-1086%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
%%cve:2019-1087%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
%%cve:2019-1088%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
Windows DHCP Server Remote Code Execution Vulnerability | |||||||
%%cve:2019-0785%% | No | No | Less Likely | Less Likely | Critical | 9.8 | 8.8 |
Windows DNS Server Denial of Service Vulnerability | |||||||
%%cve:2019-0811%% | No | No | Less Likely | Less Likely | Important | 7.5 | 6.7 |
Windows Elevation of Privilege Vulnerability | |||||||
%%cve:2019-1129%% | Yes | No | More Likely | More Likely | Important | 7.8 | 7.0 |
%%cve:2019-1130%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
Windows Error Reporting Elevation of Privilege Vulnerability | |||||||
%%cve:2019-1037%% | No | No | Less Likely | Less Likely | Important | 7.0 | 6.3 |
Windows GDI Information Disclosure Vulnerability | |||||||
%%cve:2019-1094%% | No | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
%%cve:2019-1095%% | No | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
%%cve:2019-1098%% | No | No | – | – | Important | 5.5 | 5.0 |
%%cve:2019-1099%% | No | No | – | – | Important | 5.5 | 5.0 |
%%cve:2019-1100%% | No | No | – | – | Important | 5.5 | 5.0 |
%%cve:2019-1101%% | No | No | – | – | Important | 5.5 | 5.0 |
%%cve:2019-1116%% | No | No | – | – | Important | 5.5 | 5.0 |
Windows Hyper-V Denial of Service Vulnerability | |||||||
%%cve:2019-0966%% | No | No | Less Likely | Less Likely | Important | 6.8 | 6.1 |
Windows Kernel Elevation of Privilege Vulnerability | |||||||
%%cve:2019-1067%% | No | No | More Likely | More Likely | Important | 7.8 | 7.0 |
Windows Kernel Information Disclosure Vulnerability | |||||||
%%cve:2019-1071%% | No | No | More Likely | More Likely | Important | 5.5 | 5.0 |
%%cve:2019-1073%% | No | No | More Likely | More Likely | Important | 5.5 | 5.0 |
Windows RPCSS Elevation of Privilege Vulnerability | |||||||
%%cve:2019-1089%% | No | No | More Likely | More Likely | Important | 7.8 | 7.0 |
Windows WLAN Service Elevation of Privilege Vulnerability | |||||||
%%cve:2019-1085%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
Windows dnsrlvr.dll Elevation of Privilege Vulnerability | |||||||
%%cve:2019-1090%% | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
—
John Bambenek
bambenek at gmail /dot/ com
ThreatSTOP
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.