cpe:/o:microsoft:windows_10:- cpe:/o:microsoft:windows_10:1607 cpe:/o:microsoft:windows_10:1703 cpe:/o:microsoft:windows_10:1709 cpe:/o:microsoft:windows_10:1803 cpe:/o:microsoft:windows_10:1809 cpe:/o:microsoft:windows_10:1903 cpe:/o:microsoft:windows_7:-:sp1 cpe:/o:microsoft:windows_8.1:- cpe:/o:microsoft:windows_rt_8.1:- cpe:/o:microsoft:windows_server_2008:-:sp2 cpe:/o:microsoft:windows_server_2008:r2:sp1:~~~~itanium~ cpe:/o:microsoft:windows_server_2008:r2:sp1:~~~~x64~ cpe:/o:microsoft:windows_server_2012:- cpe:/o:microsoft:windows_server_2012:r2 cpe:/o:microsoft:windows_server_2016:- cpe:/o:microsoft:windows_server_2016:1803 cpe:/o:microsoft:windows_server_2016:1903 cpe:/o:microsoft:windows_server_2019:- CVE-2019-1235 2019-09-11T18:15:15.257-04:00 2019-09-12T15:05:23.257-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2019-09-12T12:25:45.050-04:00 MISC https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1235 An elevation of privilege vulnerability exists in Windows Text Service Framework (TSF) when the TSF server process does not validate the source of input or commands it receives, aka 'Windows Text Service Framework Elevation of Privilege Vulnerability'.