CVE-2019-0903
Microsoft GDI Remote Code Execution Vulnerability
CVSS
—
No CVSS
EPSS
21.7%
p97
KEV
YES
Mar 25, 2022
Exploit Today
79
0-100
Published: — · Last modified: —
21.7%EPSS · 30 days21.7%
2026-06-302026-07-16
Product
Microsoft / Graphics Device Interface (GDI)
Vulnerability
Microsoft GDI Remote Code Execution Vulnerability
Added to KEV
Mar 25, 2022
Remediate by
Apr 15, 2022
Known ransomware use
No
Summary description
A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system.
Required action
Apply updates per vendor instructions.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2019-0903
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2017-0001—86.3%
KEV—76Microsoft Graphics Device Interface (GDI) Privilege Escalation Vulnerability—