{"vulnerability": "CVE-2019-1255", "sightings": [{"uuid": "de625f81-449d-4480-b3bd-a1675d63e39e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-1255", "type": "seen", "source": "https://t.me/ctinow/15991", "content": "This vulnerability allows attackers to trigger a denial of service when unpatched\u00a0Microsoft Defender versions improperly handle\u00a0files. \nTo be able to exploit CVE-2019-1255, attackers would first require execution on the targeted system. http://twitter.com/BleepinComputer/status/1176201756486918145", "creation_timestamp": "2019-09-23T20:31:20.000000Z"}, {"uuid": "57c50890-dd7f-48df-b848-213c2b9c7d22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-12553", "type": "seen", "source": "https://gist.github.com/0xi1y4an7/605ea54aa36cbd993d66a4e7d1674901", "content": "", "creation_timestamp": "2025-05-14T23:15:09.000000Z"}, {"uuid": "403027b4-c567-4789-93eb-43267edbcce7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-1255", "type": "seen", "source": "https://t.me/ctinow/15990", "content": "The Microsoft Defender denial of service vulnerability tracked as\u00a0CVE-2019-1255 was disclosed by\u00a0Charalampos Billinis of F-Secure Countercept and\u00a0Wenxu Wu\u00a0of Tencent Security Xuanwu Lab. http://twitter.com/BleepinComputer/status/1176201635477041154", "creation_timestamp": "2019-09-23T20:31:19.000000Z"}, {"uuid": "49f4ba15-9b36-4fe7-a908-f65161c2a734", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-12553", "type": "seen", "source": "https://t.me/arpsyndicate/2715", "content": "#ExploitObserverAlert\n\nCVE-2019-12553\n\nDESCRIPTION: Exploit Observer has 3 entries related to CVE-2019-12553. In SweetScape 010 Editor 9.0.1, improper validation of arguments in the internal implementation of the StrCat function (provided by the scripting engine) allows an attacker to overwrite arbitrary memory, which could lead to code execution.\n\nFIRST-EPSS: 0.003970000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2024-01-09T05:36:00.000000Z"}, {"uuid": "eb8f2195-90fc-4ebf-b983-2067e748e47c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-1255", "type": "seen", "source": "https://t.me/xakep_ru/7764", "content": "Microsoft \u044d\u043a\u0441\u0442\u0440\u0435\u043d\u043d\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 0-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0441\u043e\u0441\u0442\u0430\u0432\u0435 IE \u0438 Microsoft Defender\n\n\u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 Microsoft \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u0441\u0440\u043e\u0447\u043d\u044b\u0435 \u043f\u0430\u0442\u0447\u0438 \u0434\u043b\u044f \u043f\u0440\u043e\u0431\u043b\u0435\u043c CVE-2019-1367 \u0438 CVE-2019-1255, \u0442\u0435\u043c \u0441\u0430\u043c\u044b\u043c \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u0432 \u0434\u0432\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u0432 \u0441\u0432\u043e\u0438\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445.\n\nhttps://xakep.ru/2019/09/24/windows-0days/", "creation_timestamp": "2019-09-24T10:35:14.000000Z"}, {"uuid": "bc68d8eb-3285-447e-b161-cef520df4123", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-1255", "type": "seen", "source": "https://t.me/thehackernews/473", "content": "It's not a Patch Tuesday, but Microsoft is rolling out emergency out-of-band security patches for two new vulnerabilities:\n\n\u27a1\ufe0f CVE-2019-1367 \u2014 a critical IE zero-day under active attack.\n\u27a1\ufe0f CVE-2019-1255 \u2014 DoS flaw in Microsoft Defender.\n\nRead details: https://thehackernews.com/2019/09/windows-update-zero-day.html", "creation_timestamp": "2019-09-24T09:51:37.000000Z"}]}