CVE-2024-34952

May 20, 2024, 3:17 p.m.

Tags

cve@mitre.org
2024-05-20
CVE-2024-34952

Product(s) Impacted

taurusxin ncmdump

  • 1.3.2

Description

taurusxin ncmdump v1.3.2 was discovered to contain a segmentation violation via the NeteaseCrypt::FixMetadata() function at /src/ncmcrypt.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted .ncm file.

Weaknesses

Date

Published: May 20, 2024, 2:15 p.m.

Last Modified: May 20, 2024, 3:17 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

cve@mitre.org

References

https://github.com/Helson-S/FuzzyTesting/blob/master/ncmdump/dos_FixMetadata/dos_FixMetadata.assets/debug-coredump.png
cve@mitre.org
https://github.com/Helson-S/FuzzyTesting/blob/master/ncmdump/dos_FixMetadata/dos_FixMetadata.md
cve@mitre.org
https://github.com/Helson-S/FuzzyTesting/blob/master/ncmdump/dos_FixMetadata/poc/I1DWE0~U
cve@mitre.org
https://github.com/Helson-S/FuzzyTesting/tree/master/ncmdump/dos_FixMetadata
cve@mitre.org
https://github.com/Helson-S/FuzzyTesting/tree/master/ncmdump/dos_FixMetadata/poc
cve@mitre.org
https://github.com/taurusxin/ncmdump/issues/18
cve@mitre.org