CVE-2019-1430

EUVD-2019-9987
A remote code execution vulnerability exists when Windows Media Foundation improperly parses specially crafted QuickTime media files.An attacker who successfully exploited this vulnerability could gain the same user rights as the local user, aka 'Microsoft Windows Media Foundation Remote Code Execution Vulnerability'.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 96%
Windows Releases
Platform
Version
Windows 10
1903 (arm64, x64, x86)
KB4524570
Windows Server
1903 Server Core
KB4524570
References
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1430
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1430