cnvd - cnvd-2019-14264

cnvd-2019-14264

Vulnerability from cnvd

Title: Microsoft Windows远程桌面服务远程代码执行漏洞

Description:

Microsoft Windows 7是微软发布的一款操作系统。Windows Server 2008是一款微软发行的服务器操作系统。Microsoft Windows XP是一款流行的视窗操作系统。Microsoft Windows Server 2003 R2是美国微软（Microsoft）公司发布的一套服务器操作系统。

Microsoft Windows远程桌面服务存在远程代码执行漏洞。当未经身份验证的攻击者使用RDP连接到目标系统并发送精心设计的请求时，攻击者可利用漏洞在目标系统上执行任意代码。

Severity: 高

Patch Name: Microsoft Windows远程桌面服务远程代码执行漏洞的补丁

Patch Description:

Microsoft Windows远程桌面服务存在远程代码执行漏洞。当未经身份验证的攻击者使用RDP连接到目标系统并发送精心设计的请求时，攻击者可利用漏洞在目标系统上执行任意代码。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

用户可参考如下供应商提供的安全公告获得补丁信息： https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708?from=timeline

Reference: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708?from=timeline

Impacted products

Name
['Microsoft Windows Server 2008 SP2', 'Microsoft Windows 7 SP1', 'Microsoft Windows Server 2003 SP2', 'Microsoft Windows XP', 'Microsoft Windows Server 2008 R2 SP1']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2019-0708"
    }
  },
  "description": "Microsoft Windows 7\u662f\u5fae\u8f6f\u53d1\u5e03\u7684\u4e00\u6b3e\u64cd\u4f5c\u7cfb\u7edf\u3002Windows Server 2008\u662f\u4e00\u6b3e\u5fae\u8f6f\u53d1\u884c\u7684\u670d\u52a1\u5668\u64cd\u4f5c\u7cfb\u7edf\u3002Microsoft Windows XP\u662f\u4e00\u6b3e\u6d41\u884c\u7684\u89c6\u7a97\u64cd\u4f5c\u7cfb\u7edf\u3002Microsoft Windows Server 2003 R2\u662f\u7f8e\u56fd\u5fae\u8f6f\uff08Microsoft\uff09\u516c\u53f8\u53d1\u5e03\u7684\u4e00\u5957\u670d\u52a1\u5668\u64cd\u4f5c\u7cfb\u7edf\u3002\n\nMicrosoft Windows\u8fdc\u7a0b\u684c\u9762\u670d\u52a1\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u3002\u5f53\u672a\u7ecf\u8eab\u4efd\u9a8c\u8bc1\u7684\u653b\u51fb\u8005\u4f7f\u7528RDP\u8fde\u63a5\u5230\u76ee\u6807\u7cfb\u7edf\u5e76\u53d1\u9001\u7cbe\u5fc3\u8bbe\u8ba1\u7684\u8bf7\u6c42\u65f6\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u5728\u76ee\u6807\u7cfb\u7edf\u4e0a\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002",
  "discovererName": "The UK\u0027s National Cyber Security Centre (NCSC)",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u4f9b\u5e94\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708?from=timeline",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2019-14264",
  "openTime": "2019-05-08",
  "patchDescription": "Microsoft Windows 7\u662f\u5fae\u8f6f\u53d1\u5e03\u7684\u4e00\u6b3e\u64cd\u4f5c\u7cfb\u7edf\u3002Windows Server 2008\u662f\u4e00\u6b3e\u5fae\u8f6f\u53d1\u884c\u7684\u670d\u52a1\u5668\u64cd\u4f5c\u7cfb\u7edf\u3002Microsoft Windows XP\u662f\u4e00\u6b3e\u6d41\u884c\u7684\u89c6\u7a97\u64cd\u4f5c\u7cfb\u7edf\u3002Microsoft Windows Server 2003 R2\u662f\u7f8e\u56fd\u5fae\u8f6f\uff08Microsoft\uff09\u516c\u53f8\u53d1\u5e03\u7684\u4e00\u5957\u670d\u52a1\u5668\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\r\nMicrosoft Windows\u8fdc\u7a0b\u684c\u9762\u670d\u52a1\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u3002\u5f53\u672a\u7ecf\u8eab\u4efd\u9a8c\u8bc1\u7684\u653b\u51fb\u8005\u4f7f\u7528RDP\u8fde\u63a5\u5230\u76ee\u6807\u7cfb\u7edf\u5e76\u53d1\u9001\u7cbe\u5fc3\u8bbe\u8ba1\u7684\u8bf7\u6c42\u65f6\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u5728\u76ee\u6807\u7cfb\u7edf\u4e0a\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Microsoft Windows\u8fdc\u7a0b\u684c\u9762\u670d\u52a1\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Microsoft Windows Server 2008 SP2",
      "Microsoft Windows 7 SP1",
      "Microsoft Windows Server 2003   SP2",
      "Microsoft Windows XP",
      "Microsoft Windows Server 2008 R2  SP1"
    ]
  },
  "referenceLink": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708?from=timeline",
  "serverity": "\u9ad8",
  "submitTime": "2019-05-15",
  "title": "Microsoft Windows\u8fdc\u7a0b\u684c\u9762\u670d\u52a1\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e"
}

CVE-2019-0708 (GCVE-0-2019-0708)

Vulnerability from cvelistv5

Published

2019-05-16 18:17

Modified

2025-07-30 01:46

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

Remote Code Execution

Summary

A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.

References

▼	URL	Tags
	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708	x_refsource_MISC
	https://cert-portal.siemens.com/productcert/pdf/ssa-932041.pdf	x_refsource_CONFIRM
	https://cert-portal.siemens.com/productcert/pdf/ssa-616199.pdf	x_refsource_CONFIRM
	https://cert-portal.siemens.com/productcert/pdf/ssa-433987.pdf	x_refsource_CONFIRM
	https://cert-portal.siemens.com/productcert/pdf/ssa-832947.pdf	x_refsource_CONFIRM
	https://cert-portal.siemens.com/productcert/pdf/ssa-166360.pdf	x_refsource_CONFIRM
	https://cert-portal.siemens.com/productcert/pdf/ssa-406175.pdf	x_refsource_CONFIRM
	http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-windows-en	x_refsource_CONFIRM
	http://www.huawei.com/en/psirt/security-notices/huawei-sn-20190515-01-windows-en	x_refsource_CONFIRM
	http://packetstormsecurity.com/files/153133/Microsoft-Windows-Remote-Desktop-BlueKeep-Denial-Of-Service.html	x_refsource_MISC
	http://packetstormsecurity.com/files/153627/Microsoft-Windows-RDP-BlueKeep-Denial-Of-Service.html	x_refsource_MISC
	http://packetstormsecurity.com/files/154579/BlueKeep-RDP-Remote-Windows-Kernel-Use-After-Free.html	x_refsource_MISC
	http://packetstormsecurity.com/files/155389/Microsoft-Windows-7-x86-BlueKeep-RDP-Use-After-Free.html	x_refsource_MISC
	http://packetstormsecurity.com/files/162960/Microsoft-RDP-Remote-Code-Execution.html	x_refsource_MISC

Impacted products

Vendor

Product

Version

▼

Microsoft

Windows

Version: 7 for 32-bit Systems Service Pack 1
Version: 7 for x64-based Systems Service Pack 1

Microsoft

Windows Server

Version: 2008 R2 for x64-based Systems Service Pack 1 (Core installation)
Version: 2008 R2 for Itanium-Based Systems Service Pack 1
Version: 2008 R2 for x64-based Systems Service Pack 1
Version: 2008 for 32-bit Systems Service Pack 2 (Core installation)
Version: 2008 for Itanium-Based Systems Service Pack 2
Version: 2008 for 32-bit Systems Service Pack 2
Version: 2008 for x64-based Systems Service Pack 2
Version: 2008 for x64-based Systems Service Pack 2 (Core installation)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T17:51:27.186Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-932041.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-616199.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-433987.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-832947.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-166360.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-406175.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-windows-en"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.huawei.com/en/psirt/security-notices/huawei-sn-20190515-01-windows-en"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/153133/Microsoft-Windows-Remote-Desktop-BlueKeep-Denial-Of-Service.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/153627/Microsoft-Windows-RDP-BlueKeep-Denial-Of-Service.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/154579/BlueKeep-RDP-Remote-Windows-Kernel-Use-After-Free.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/155389/Microsoft-Windows-7-x86-BlueKeep-RDP-Use-After-Free.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/162960/Microsoft-RDP-Remote-Code-Execution.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.8,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2019-0708",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-07T16:17:22.676231Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2021-11-03",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-0708"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-416",
                "description": "CWE-416 Use After Free",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-30T01:46:03.290Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2021-11-03T00:00:00+00:00",
            "value": "CVE-2019-0708 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Windows",
          "vendor": "Microsoft",
          "versions": [
            {
              "status": "affected",
              "version": "7 for 32-bit Systems Service Pack 1"
            },
            {
              "status": "affected",
              "version": "7 for x64-based Systems Service Pack 1"
            }
          ]
        },
        {
          "product": "Windows Server",
          "vendor": "Microsoft",
          "versions": [
            {
              "status": "affected",
              "version": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)"
            },
            {
              "status": "affected",
              "version": "2008 R2 for Itanium-Based Systems Service Pack 1"
            },
            {
              "status": "affected",
              "version": "2008 R2 for x64-based Systems Service Pack 1"
            },
            {
              "status": "affected",
              "version": "2008 for 32-bit Systems Service Pack 2 (Core installation)"
            },
            {
              "status": "affected",
              "version": "2008 for Itanium-Based Systems Service Pack 2"
            },
            {
              "status": "affected",
              "version": "2008 for 32-bit Systems Service Pack 2"
            },
            {
              "status": "affected",
              "version": "2008 for x64-based Systems Service Pack 2"
            },
            {
              "status": "affected",
              "version": "2008 for x64-based Systems Service Pack 2 (Core installation)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka \u0027Remote Desktop Services Remote Code Execution Vulnerability\u0027."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Remote Code Execution",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-06-03T17:06:16.000Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-932041.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-616199.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-433987.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-832947.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-166360.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-406175.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-windows-en"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.huawei.com/en/psirt/security-notices/huawei-sn-20190515-01-windows-en"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/153133/Microsoft-Windows-Remote-Desktop-BlueKeep-Denial-Of-Service.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/153627/Microsoft-Windows-RDP-BlueKeep-Denial-Of-Service.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/154579/BlueKeep-RDP-Remote-Windows-Kernel-Use-After-Free.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/155389/Microsoft-Windows-7-x86-BlueKeep-RDP-Use-After-Free.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/162960/Microsoft-RDP-Remote-Code-Execution.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2019-0708",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Windows",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "7 for 32-bit Systems Service Pack 1"
                          },
                          {
                            "version_value": "7 for x64-based Systems Service Pack 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Windows Server",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)"
                          },
                          {
                            "version_value": "2008 R2 for Itanium-Based Systems Service Pack 1"
                          },
                          {
                            "version_value": "2008 R2 for x64-based Systems Service Pack 1"
                          },
                          {
                            "version_value": "2008 for 32-bit Systems Service Pack 2 (Core installation)"
                          },
                          {
                            "version_value": "2008 for Itanium-Based Systems Service Pack 2"
                          },
                          {
                            "version_value": "2008 for 32-bit Systems Service Pack 2"
                          },
                          {
                            "version_value": "2008 for x64-based Systems Service Pack 2"
                          },
                          {
                            "version_value": "2008 for x64-based Systems Service Pack 2 (Core installation)"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Microsoft"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka \u0027Remote Desktop Services Remote Code Execution Vulnerability\u0027."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Remote Code Execution"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708",
              "refsource": "MISC",
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-932041.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-932041.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-616199.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-616199.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-433987.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-433987.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-832947.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-832947.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-166360.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-166360.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-406175.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-406175.pdf"
            },
            {
              "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-windows-en",
              "refsource": "CONFIRM",
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-windows-en"
            },
            {
              "name": "http://www.huawei.com/en/psirt/security-notices/huawei-sn-20190515-01-windows-en",
              "refsource": "CONFIRM",
              "url": "http://www.huawei.com/en/psirt/security-notices/huawei-sn-20190515-01-windows-en"
            },
            {
              "name": "http://packetstormsecurity.com/files/153133/Microsoft-Windows-Remote-Desktop-BlueKeep-Denial-Of-Service.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/153133/Microsoft-Windows-Remote-Desktop-BlueKeep-Denial-Of-Service.html"
            },
            {
              "name": "http://packetstormsecurity.com/files/153627/Microsoft-Windows-RDP-BlueKeep-Denial-Of-Service.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/153627/Microsoft-Windows-RDP-BlueKeep-Denial-Of-Service.html"
            },
            {
              "name": "http://packetstormsecurity.com/files/154579/BlueKeep-RDP-Remote-Windows-Kernel-Use-After-Free.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/154579/BlueKeep-RDP-Remote-Windows-Kernel-Use-After-Free.html"
            },
            {
              "name": "http://packetstormsecurity.com/files/155389/Microsoft-Windows-7-x86-BlueKeep-RDP-Use-After-Free.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/155389/Microsoft-Windows-7-x86-BlueKeep-RDP-Use-After-Free.html"
            },
            {
              "name": "http://packetstormsecurity.com/files/162960/Microsoft-RDP-Remote-Code-Execution.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/162960/Microsoft-RDP-Remote-Code-Execution.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2019-0708",
    "datePublished": "2019-05-16T18:17:00.000Z",
    "dateReserved": "2018-11-26T00:00:00.000Z",
    "dateUpdated": "2025-07-30T01:46:03.290Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted