OnlyFm252
Patch Tuesday Archive

Patch Tuesday July 2019

Total CVEs

79

Critical

11

Important

63

Exploited

2

Publicly Disclosed

5

All CVEs this month 79

CVE Title Severity CVSS Product Exploited Disclosed
CVE-2019-0785 Windows DHCP Server Remote Code Execution Vulnerability Critical 9.8 Microsoft Windows - -
CVE-2019-1001 Scripting Engine Memory Corruption Vulnerability Critical 7.5 Microsoft Scripting Engine - -
CVE-2019-1056 Scripting Engine Memory Corruption Vulnerability Critical 7.5 Microsoft Scripting Engine - -
CVE-2019-1062 Chakra Scripting Engine Memory Corruption Vulnerability Critical 4.2 Microsoft Scripting Engine - -
CVE-2019-1072 Azure DevOps Server and Team Foundation Server Remote Code Execution Vulnerability Critical - Azure DevOps - -
CVE-2019-1092 Chakra Scripting Engine Memory Corruption Vulnerability Critical 4.2 Microsoft Scripting Engine - -
CVE-2019-1102 GDI+ Remote Code Execution Vulnerability Critical 8.4 Microsoft Graphics Component - -
CVE-2019-1103 Chakra Scripting Engine Memory Corruption Vulnerability Critical 4.2 Microsoft Scripting Engine - -
CVE-2019-1106 Chakra Scripting Engine Memory Corruption Vulnerability Critical 4.2 Microsoft Scripting Engine - -
CVE-2019-1107 Chakra Scripting Engine Memory Corruption Vulnerability Critical 4.2 Microsoft Scripting Engine - -
CVE-2019-1113 .NET Framework Remote Code Execution Vulnerability Critical - .NET Framework - -
ADV190021 Outlook on the web Cross-Site Scripting Vulnerability Important - Microsoft Exchange Server - -
CVE-2018-15664 Docker Elevation of Privilege Vulnerability Important - Open Source Software - Yes
CVE-2019-0811 Windows DNS Server Denial of Service Vulnerability Important 7.5 Microsoft Windows DNS - -
CVE-2019-0865 SymCrypt Denial of Service Vulnerability Important 7.5 Microsoft Windows - Yes
CVE-2019-0880 Microsoft splwow64 Elevation of Privilege Vulnerability Important 7 Microsoft Windows Yes -
CVE-2019-0887 Remote Desktop Services Remote Code Execution Vulnerability Important 8 Microsoft Windows - -
CVE-2019-0962 Azure Automation Elevation of Privilege Vulnerability Important - Azure - Yes
CVE-2019-0966 Windows Hyper-V Denial of Service Vulnerability Important 6.8 Microsoft Windows - -
CVE-2019-0975 ADFS Security Feature Bypass Vulnerability Important 4.3 Microsoft Windows - -
CVE-2019-0999 DirectX Elevation of Privilege Vulnerability Important 7.8 Microsoft Graphics Component - -
CVE-2019-1006 WCF/WIF SAML Token Authentication Bypass Vulnerability Important - .NET Framework - -
CVE-2019-1037 Windows Error Reporting Elevation of Privilege Vulnerability Important 7 Microsoft Windows - -
CVE-2019-1067 Windows Kernel Elevation of Privilege Vulnerability Important 7.8 Microsoft Windows - -
CVE-2019-1068 Microsoft SQL Server Remote Code Execution Vulnerability Important - SQL Server - Yes
CVE-2019-1071 Windows Kernel Information Disclosure Vulnerability Important 5.5 Windows Kernel - -
CVE-2019-1073 Windows Kernel Information Disclosure Vulnerability Important 5.5 Windows Kernel - -
CVE-2019-1074 Microsoft Windows Elevation of Privilege Vulnerability Important 5.3 Microsoft Windows - -
CVE-2019-1076 Team Foundation Server Cross-site Scripting Vulnerability Important - Azure DevOps - -
CVE-2019-1077 Visual Studio Elevation of Privilege Vulnerability Important - Visual Studio - -
CVE-2019-1079 Visual Studio Information Disclosure Vulnerability Important - Visual Studio - -
CVE-2019-1082 Microsoft Windows Elevation of Privilege Vulnerability Important 7.7 Microsoft Windows - -
CVE-2019-1083 .NET Denial of Service Vulnerability Important - .NET Framework - -
CVE-2019-1084 Microsoft Exchange Information Disclosure Vulnerability Important - Microsoft Office - -
CVE-2019-1085 Windows WLAN Service Elevation of Privilege Vulnerability Important 7.8 Windows Media - -
CVE-2019-1086 Windows Audio Service Elevation of Privilege Vulnerability Important 7.8 Windows Media - -
CVE-2019-1087 Windows Audio Service Elevation of Privilege Vulnerability Important 7.8 Windows Media - -
CVE-2019-1088 Windows Audio Service Elevation of Privilege Vulnerability Important 7.8 Windows Media - -
CVE-2019-1089 Windows RPCSS Elevation of Privilege Vulnerability Important 7.8 Windows Kernel - -
CVE-2019-1090 Windows dnsrslvr.dll Elevation of Privilege Vulnerability Important 7.8 Microsoft Windows DNS - -
CVE-2019-1091 Microsoft unistore.dll Information Disclosure Vulnerability Important 5.5 Microsoft Windows - -
CVE-2019-1093 DirectWrite Information Disclosure Vulnerability Important 5.5 Microsoft Graphics Component - -
CVE-2019-1094 Windows GDI Information Disclosure Vulnerability Important 5.5 Microsoft Graphics Component - -
CVE-2019-1095 Windows GDI Information Disclosure Vulnerability Important 5.5 Microsoft Graphics Component - -
CVE-2019-1096 Win32k Information Disclosure Vulnerability Important 5.5 Microsoft Graphics Component - -
CVE-2019-1097 DirectWrite Information Disclosure Vulnerability Important 5.5 Microsoft Graphics Component - -
CVE-2019-1098 Windows GDI Information Disclosure Vulnerability Important 5.5 Microsoft Graphics Component - -
CVE-2019-1099 Windows GDI Information Disclosure Vulnerability Important 5.5 Windows Shell - -
CVE-2019-1100 Windows GDI Information Disclosure Vulnerability Important 5.5 Microsoft Graphics Component - -
CVE-2019-1101 Windows GDI Information Disclosure Vulnerability Important 5.5 Microsoft Graphics Component - -
CVE-2019-1108 Remote Desktop Protocol Client Information Disclosure Vulnerability Important 6.5 Windows RDP - -
CVE-2019-1109 Microsoft Office Spoofing Vulnerability Important - Microsoft Office - -
CVE-2019-1110 Microsoft Excel Remote Code Execution Vulnerability Important - Microsoft Office - -
CVE-2019-1111 Microsoft Excel Remote Code Execution Vulnerability Important - Microsoft Office - -
CVE-2019-1112 Microsoft Excel Information Disclosure Vulnerability Important - Microsoft Office - -
CVE-2019-1116 Windows GDI Information Disclosure Vulnerability Important 5.5 Microsoft Graphics Component - -
CVE-2019-1117 DirectWrite Remote Code Execution Vulnerability Important 7.8 Microsoft Graphics Component - -
CVE-2019-1118 DirectWrite Remote Code Execution Vulnerability Important 7.8 Microsoft Graphics Component - -
CVE-2019-1119 DirectWrite Remote Code Execution Vulnerability Important 7.8 Microsoft Graphics Component - -
CVE-2019-1120 DirectWrite Remote Code Execution Vulnerability Important 7.8 Microsoft Graphics Component - -
CVE-2019-1121 DirectWrite Remote Code Execution Vulnerability Important 7.8 Microsoft Graphics Component - -
CVE-2019-1122 DirectWrite Remote Code Execution Vulnerability Important 7.8 Microsoft Graphics Component - -
CVE-2019-1123 DirectWrite Remote Code Execution Vulnerability Important 7.8 Microsoft Graphics Component - -
CVE-2019-1124 DirectWrite Remote Code Execution Vulnerability Important 7.8 Microsoft Graphics Component - -
CVE-2019-1126 ADFS Security Feature Bypass Vulnerability Important 5.3 Microsoft Windows - -
CVE-2019-1127 DirectWrite Remote Code Execution Vulnerability Important 7.8 Microsoft Graphics Component - -
CVE-2019-1128 DirectWrite Remote Code Execution Vulnerability Important 7.8 Microsoft Graphics Component - -
CVE-2019-1129 Windows Elevation of Privilege Vulnerability Important 7.8 Microsoft Windows - Yes
CVE-2019-1130 Windows Elevation of Privilege Vulnerability Important 7.8 Microsoft Windows - -
CVE-2019-1132 Win32k Elevation of Privilege Vulnerability Important 7.8 Windows Kernel Yes -
CVE-2019-1134 Microsoft Office SharePoint XSS Vulnerability Important - Microsoft Office SharePoint - -
CVE-2019-1136 Microsoft Exchange Server Elevation of Privilege Vulnerability Important - Microsoft Exchange Server - -
CVE-2019-1137 Microsoft Exchange Server Spoofing Vulnerability Important - Microsoft Exchange Server - -
CVE-2019-1167 Windows Defender Application Control Security Feature Bypass Vulnerability Important - Microsoft PowerShell - -
CVE-2019-1004 Scripting Engine Memory Corruption Vulnerability Moderate 7.5 Microsoft Scripting Engine - -
CVE-2019-1059 Scripting Engine Memory Corruption Vulnerability Moderate 7.5 Microsoft Scripting Engine - -
CVE-2019-1063 Internet Explorer Memory Corruption Vulnerability Moderate 7.5 Internet Explorer - -
CVE-2019-1075 ASP.NET Core Spoofing Vulnerability Moderate - ASP.NET - -
CVE-2019-1104 Microsoft Browser Memory Corruption Vulnerability Moderate 7.5 Microsoft Browsers - -

    Threat Categories 6

    Threat Category CVEs Critical
    Remote Code Execution 29 11
    Elevation of Privilege 20 -
    Information Disclosure 17 -
    Spoofing 6 -
    Denial of Service 4 -
    Security Feature Bypass 3 -

    Affected Products 21

    Product CVEs Exploited
    Microsoft Graphics Component 21 -
    Microsoft Windows 14 1
    Microsoft Scripting Engine 9 -
    Microsoft Office 5 -
    Windows Kernel 4 1
    Windows Media 4 -
    .NET Framework 3 -
    Microsoft Exchange Server 3 -
    Azure DevOps 2 -
    Microsoft Windows DNS 2 -
    Visual Studio 2 -
    Open Source Software 1 -
    Azure 1 -
    SQL Server 1 -
    Windows Shell 1 -
    Windows RDP 1 -
    Microsoft Office SharePoint 1 -
    Microsoft PowerShell 1 -
    Internet Explorer 1 -
    ASP.NET 1 -
    Microsoft Browsers 1 -