SecuritySpace - CVE-2019-1163

Vulnerability Search		Search 324607 CVE descriptions and 146377 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2019-1163

Description: A security feature bypass exists when Windows incorrectly validates CAB file signatures. An attacker who successfully exploited this vulnerability could inject code into a CAB file without invalidating the file's signature. To exploit the vulnerability, an attacker could modify a signed CAB file and inject malicious code. The attacker could then convince a target user to execute the file. The update addresses the vulnerability by correcting how Windows validates file signatures.

Test IDs: None available

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2019-1163
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1163
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1163

CVE ID:	CVE-2019-1163
Description:	A security feature bypass exists when Windows incorrectly validates CAB file signatures. An attacker who successfully exploited this vulnerability could inject code into a CAB file without invalidating the file's signature. To exploit the vulnerability, an attacker could modify a signed CAB file and inject malicious code. The attacker could then convince a target user to execute the file. The update addresses the vulnerability by correcting how Windows validates file signatures.
Test IDs:	None available
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2019-1163 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1163 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1163