CVE-2024-41881

July 29, 2024, 2:12 p.m.

Tags

vultures@jpcert.or.jp
2024-07-29
CVE-2024-41881

Product(s) Impacted

SDoP

  • UNKNOWN

Description

SDoP versions prior to 1.11 fails to handle appropriately some parameters inside the input data, resulting in a stack-based buffer overflow vulnerability. When a user of the affected product is tricked to process a specially crafted XML file, arbitrary code may be executed on the user's environment.

Weaknesses

Date

Published: July 29, 2024, 9:15 a.m.

Last Modified: July 29, 2024, 2:12 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

vultures@jpcert.or.jp

References

https://github.com/PhilipHazel/SDoP
vultures@jpcert.or.jp
https://github.com/PhilipHazel/SDoP/commit/ff83d851b4b39ff2fd37ab2ab14365649515b023
vultures@jpcert.or.jp
https://jvn.jp/en/jp/JVN16420523/
vultures@jpcert.or.jp