FortiClient VulnerabilityMicrosoft OLE Automation CVE-2019-0794 Remote Code Execution Vulnerability
Description
A remote code execution vulnerability exists when OLE automation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could gain execution on the victim system. To exploit the vulnerability, an attacker could host a specially crafted website designed to invoke OLE automation through a web browser. However, an attacker would have to entice a user to visit such a website. The update addresses the vulnerability by correcting how OLE automation handles objects in memory.
Affected Applications
Windows RT 8.1
Windows Server version 1709 (Server Core Installation)
Windows Server 2016
Windows Server version 1803 (Server Core Installation)
Windows Server 2012
Windows 8
Windows Server 2008
Windows 10
Windows 7
Windows Server 2019
CVE References
CVE-2019-0794Other References
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2019-0794| ID | 57529 |
| Created | Apr 09, 2019 |
| Description Updated |
Dec 21, 2023 |
| Risk |
|
| Coverage | FortiClient |
| OS | Windows |
| Vendor | Microsoft |
| Patch | auto |
| Application | Windows RT 8.1 , Windows Server version 1709 (Server Core Installation) , Windows Server 2016 , Windows Server version 1803 (Server Core Installation) , Windows Server 2012 , Windows 8 , Windows Server 2008 , Windows 10 , Windows 7 , Windows Server 2019 |