CVE-2019-1244

MEDIUM

Windows 10 - Information Disclosure via DirectWrite Memory Handling

Exploitation Summary

EIP tracks 1 public exploit for CVE-2019-1244. PoCs published by Google Security Research.

AI-analyzed exploit summary: This exploit demonstrates an invalid memory read in Microsoft DirectWrite's DWrite.dll, specifically in the `sfac_GetSbitBitmap` function, triggered by a malformed TrueType font. The vulnerability can lead to information disclosure by exposing heap memory contents in Microsoft Edge.

Description

An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory, aka 'DirectWrite Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1245, CVE-2019-1251.

Exploits (1)

exploitdb · WORKING POC · VERIFIED
by Google Security Research · text · dos · windows
https://www.exploit-db.com/exploits/47382

Classification: Working PoC 90%
Attack Type: Info Leak
Complexity: Moderate
Reliability: Reliable
Target: Microsoft DirectWrite (DWrite.dll) on Windows 10 1709
No auth needed
Prerequisites: Access to a system with Microsoft Edge and the vulnerable version of DirectWrite
devstral-2 · analyzed Feb 16, 2026

Scores

CVSS v3 6.5
EPSS 0.1132
EPSS Percentile 95.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Details

CWE: CWE-200
Status: published
Products (18)
microsoft/windows_10
microsoft/windows_10 1607
microsoft/windows_10 1703
microsoft/windows_10 1709
microsoft/windows_10 1803
microsoft/windows_10 1809
microsoft/windows_10 1903
microsoft/windows_7
microsoft/windows_8.1
microsoft/windows_rt_8.1
... and 8 more
Published Sep 11, 2019
Tracked Since Feb 18, 2026