CVE-2024-2961

HIGH Year: 2024
CVSS v3 Score
7.3
High
Weakness Type
CWE-787
View all →

Vulnerability Description

The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable.

Related Vulnerabilities

CVE-2006-2362

HIGH
CVSS:7.3(High)

Buffer overflow in getsym in tekhex.c in libbfd in Free Software Foundation GNU Binutils before 20060423, as used by GNU strings, allows context-dependent attackers to cause a denial of service (appli...

CWE-7872006

CVE-2010-2883

HIGH
CVSS:7.3(High)

Stack-based buffer overflow in CoolType.dll in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denia...

CWE-7872010

CVE-2017-6438

HIGH
CVSS:7.3(High)

Heap-based buffer overflow in the parse_unicode_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds write) and possibly code exec...

CWE-7872017

CVE-2019-10495

HIGH
CVSS:7.3(High)

Arbitrary buffer write issue while processing sequence header during HEVC or AVC encoding. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industri...

CWE-7872019

CVE-2019-9309

HIGH
CVSS:7.3(High)

In NFC, there is a possible out of bounds write due to a missing bounds check. This could lead to a to local escalation of privilege with no additional execution privileges needed. User interaction is...

CWE-7872019

CVE-2019-9358

HIGH
CVSS:7.3(High)

In NFC, there is a possible out of bounds write due to a missing bounds check. This could lead to a to local escalation of privilege with no additional execution privileges needed. User interaction is...

CWE-7872019