CVE-2024-32909

HIGH Year: 2024
CVSS v3 Score
8.1
High
Weakness Type
CWE-787
View all →

Vulnerability Description

In handle_msg of main.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Related Vulnerabilities

CVE-2012-0754

HIGH
CVSS:8.1(High)

Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows attack...

CWE-7872012

CVE-2016-2371

HIGH
CVSS:8.1(High)

An out-of-bounds write vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could cause memory corruption resulting in code execution.

CWE-7872016

CVE-2017-2780

HIGH
CVSS:8.1(High)

An exploitable heap buffer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. A specially crafted x509 certificate can cause a buffer overflo...

CWE-7872017

CVE-2017-2781

HIGH
CVSS:8.1(High)

An exploitable heap buffer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. A specially crafted x509 certificate can cause a buffer overflo...

CWE-7872017

CVE-2018-5210

HIGH
CVSS:8.1(High)

On Samsung mobile devices with N(7.x) software and Exynos chipsets, attackers can conduct a Trustlet stack overflow attack for arbitrary TEE code execution, in conjunction with a brute-force attack to...

CWE-7872018

CVE-2019-11516

HIGH
CVSS:8.1(High)

An issue was discovered in the Bluetooth component of the Cypress (formerly owned by Broadcom) Wireless IoT codebase. Extended Inquiry Responses (EIRs) are improperly handled, which causes a heap-base...

CWE-7872019