An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior.A locally authenticated attacker could run arbitrary code with elevated system privileges, aka 'Windows Installer Elevation of Privilege Vulnerability'.
References
Link | Resource |
---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0973 | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Information
Published : 2019-06-12 07:29
Updated : 2020-08-24 10:37
NVD link : CVE-2019-0973
Mitre link : CVE-2019-0973
JSON object : View
CWE
CWE-20
Improper Input Validation
Products Affected
microsoft
- windows_7
- windows_server_2016
- windows_rt_8.1
- windows_server_2019
- windows_8.1
- windows_10
- windows_server_2008
- windows_server_2012