CVE-2019-1282
First published: Wed Sep 11 2019(Updated: )
An information disclosure exists in the Windows Common Log File System (CLFS) driver when it fails to properly handle sandbox checks, aka 'Windows Common Log File System Driver Information Disclosure Vulnerability'.
Credit: secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Windows 10 | ||
| Windows 10 | =1607 | |
| Windows 10 | =1703 | |
| Windows 10 | =1709 | |
| Windows 10 | =1803 | |
| Windows 10 | =1809 | |
| Windows 10 | =1903 | |
| Microsoft Windows 7 | =sp1 | |
| Microsoft Windows | ||
| Microsoft Windows RT | ||
| Microsoft Windows Server | =sp2 | |
| Microsoft Windows Server | =r2-sp1 | |
| Microsoft Windows Server | =r2-sp1 | |
| Microsoft Windows Server | ||
| Microsoft Windows Server | =r2 | |
| Microsoft Windows Server 2016 | ||
| Microsoft Windows Server 2016 | =1803 | |
| Microsoft Windows Server 2016 | =1903 | |
| Microsoft Windows Server 2019 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2019-1282?
The severity of CVE-2019-1282 is rated as critical due to its potential for information disclosure.
How do I fix CVE-2019-1282?
To fix CVE-2019-1282, ensure that you apply the latest security updates provided by Microsoft for your affected Windows version.
Which versions of Windows are affected by CVE-2019-1282?
CVE-2019-1282 affects various versions of Windows, including Windows 7, 8.1, 10, and several releases of Windows Server.
Is CVE-2019-1282 a local or remote vulnerability?
CVE-2019-1282 is an information disclosure vulnerability that can be exploited locally.
Can CVE-2019-1282 lead to further attacks?
Yes, CVE-2019-1282 could potentially lead to further attacks by revealing sensitive information that might be exploited.
- agent/type
- agent/remedy
- agent/severity
- agent/references
- agent/author
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/microsoft
- canonical/windows 10
- version/windows 10/1607
- version/windows 10/1703
- version/windows 10/1709
- version/windows 10/1803
- version/windows 10/1809
- version/windows 10/1903
- canonical/microsoft windows 7
- version/microsoft windows 7/sp1
- canonical/microsoft windows
- canonical/microsoft windows rt
- canonical/microsoft windows server
- version/microsoft windows server/sp2
- version/microsoft windows server/r2-sp1
- version/microsoft windows server/r2
- canonical/microsoft windows server 2016
- version/microsoft windows server 2016/1803
- version/microsoft windows server 2016/1903
- canonical/microsoft windows server 2019