Windows Error Reporting (WER) Improper Privilege Management Vulnerability

Foxit Studio Photo 3.6.6.909 Out-of-bounds Read Vulnerability

Summary

Windows Error Reporting (WER) suffers from improper privilege management vulnerability

Credit:

The information has been provided by Gal De Leon

The original article can be found at: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1319


Details

An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files. The vulnerability could allow elevation of privilege if an attacker can successfully exploit it.

Vulnerable Systems:

Windows Error Reporting (WER) 

CVE Information:

CVE-2019-1319

Disclosure Timeline:
Published Date:10/10/2019