Vulnerability Details : CVE-2019-1185
An elevation of privilege vulnerability exists due to a stack corruption in Windows Subsystem for Linux. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.
To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application.
The security update addresses the vulnerability by correcting how Windows Subsystem for Linux handles objects in memory.
Vulnerability category: Execute codeGain privilege
Exploit prediction scoring system (EPSS) score for CVE-2019-1185
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 7 %
Percentile, the proportion of vulnerabilities that are scored at or less