CVE-2019-1053

HIGH Year: 2019
CVSS v3 Score
8.8
High
CVSS v2 Score
7.2
High
Weakness Type
CWE-59
View all →

Vulnerability Description

An elevation of privilege vulnerability exists when the Windows Shell fails to validate folder shortcuts. An attacker who successfully exploited the vulnerability could elevate privileges by escaping a sandbox. To exploit this vulnerability, an attacker would require unprivileged execution on the victim system. The security update addresses the vulnerability by correctly validating folder shortcuts.

Related Vulnerabilities

CVE-2016-9602

HIGH
CVSS:8.8(High)

Qemu before version 2.9 is vulnerable to an improper link following when built with the VirtFS. A privileged user inside guest could use this flaw to access host file system beyond the shared folder a...

CWE-592016

CVE-2018-10897

HIGH
CVSS:8.8(High)

A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may ...

CWE-592018

CVE-2018-10928

HIGH
CVSS:8.8(High)

A flaw was found in RPC request using gfs3_symlink_req in glusterfs server which allows symlink destinations to point to file paths outside of the gluster volume. An authenticated attacker could use t...

CWE-592018

CVE-2018-14651

HIGH
CVSS:8.8(High)

It was found that the fix for CVE-2018-10927, CVE-2018-10928, CVE-2018-10929, CVE-2018-10930, and CVE-2018-10926 was incomplete. A remote, authenticated attacker could use one of these flaws to execut...

CWE-592018

CVE-2019-9949

HIGH
CVSS:8.8(High)

Western Digital My Cloud Cloud, Mirror Gen2, EX2 Ultra, EX2100, EX4100, DL2100, DL4100, PR2100 and PR4100 before firmware 2.31.183 are affected by a code execution (as root, starting from a low-privil...

CWE-592019

CVE-2020-10947

HIGH
CVSS:8.8(High)

Mac Endpoint for Sophos Central before 9.9.6 and Mac Endpoint for Sophos Home before 2.2.6 allow Privilege Escalation.

CWE-592020