How severe is CVE-2024-6062?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.5 out of 10.

What type of vulnerability is CVE-2024-6062?

This is classified as CWE-476, which is a common weakness in software security.

CVE-2024-6062 - MEDIUM Severity | CVSS 5.5

Vulnerability Description

A vulnerability was found in GPAC 2.5-DEV-rev228-g11067ea92-master and classified as problematic. Affected by this issue is the function swf_svg_add_iso_sample of the file src/filters/load_text.c of the component MP4Box. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The patch is identified as 31e499d310a48bd17c8b055a0bfe0fe35887a7cd. It is recommended to apply a patch to fix this issue. VDB-268790 is the identifier assigned to this vulnerability.

Related Vulnerabilities

CVE-2001-1559

MEDIUM

CVSS:5.5(Medium)

The uipc system calls (uipc_syscalls.c) in OpenBSD 2.9 and 3.0 provide user mode return instead of versus rval kernel mode values to the fdrelease function, which allows local users to cause a denial ...

CWE-4762001

CVE-2010-0206

MEDIUM

CVSS:5.5(Medium)

xpdf allows remote attackers to cause a denial of service (NULL pointer dereference and crash) in the way it processes JBIG2 PDF stream objects.

CWE-4762010

CVE-2010-3079

MEDIUM

CVSS:5.5(Medium)

kernel/trace/ftrace.c in the Linux kernel before 2.6.35.5, when debugfs is enabled, does not properly handle interaction between mutex possession and llseek operations, which allows local users to cau...

CWE-4762010

CVE-2011-3637

MEDIUM

CVSS:5.5(Medium)

The m_stop function in fs/proc/task_mmu.c in the Linux kernel before 2.6.39 allows local users to cause a denial of service (OOPS) via vectors that trigger an m_start error.

CWE-4762011

CVE-2011-4081

MEDIUM

CVSS:5.5(Medium)

crypto/ghash-generic.c in the Linux kernel before 3.1 allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact by triggering a fail...

CWE-4762011

CVE-2011-4594

MEDIUM

CVSS:5.5(Medium)

The __sys_sendmsg function in net/socket.c in the Linux kernel before 3.1 allows local users to cause a denial of service (system crash) via crafted use of the sendmmsg system call, leading to an inco...

CWE-4762011