CVE-2019-1365

Name of the Vulnerable Software and Affected Versions Microsoft Internet Information Services (affected versions not specified)

Description The issue is related to errors in handling objects in memory, which can be exploited by a remote attacker to elevate privileges. This allows an unprivileged function, run by a user, to execute code in the context of NT AUTHORITYsystem, thus escaping the sandbox. The vulnerability exists due to the failure to check the length of a buffer before copying memory to it.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.