Vulnerability Details CVE-2019-0688
An information disclosure vulnerability exists when the Windows TCP/IP stack improperly handles fragmented IP packets, aka 'Windows TCP/IP Information Disclosure Vulnerability'.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.103
EPSS Ranking 92.9%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- http://www.securityfocus.com/bid/107685
- https://arxiv.org/pdf/1906.10478.pdf
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0688
- http://www.securityfocus.com/bid/107685
- https://arxiv.org/pdf/1906.10478.pdf
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0688
Products affected by CVE-2019-0688
-
cpe:2.3:o:microsoft:windows_10:-
-
cpe:2.3:o:microsoft:windows_10:1607
-
cpe:2.3:o:microsoft:windows_10:1703
-
cpe:2.3:o:microsoft:windows_10:1709
-
cpe:2.3:o:microsoft:windows_10:1803
-
cpe:2.3:o:microsoft:windows_10:1809
-
cpe:2.3:o:microsoft:windows_8.1:-
-
cpe:2.3:o:microsoft:windows_rt_8.1:-
-
cpe:2.3:o:microsoft:windows_server_2012:-
-
cpe:2.3:o:microsoft:windows_server_2012:r2
-
cpe:2.3:o:microsoft:windows_server_2016:-
-
cpe:2.3:o:microsoft:windows_server_2016:1709
-
cpe:2.3:o:microsoft:windows_server_2016:1803
-
cpe:2.3:o:microsoft:windows_server_2019:-