CVE-2024-41881

July 29, 2024, 2:12 p.m.

None
No Score

Description

SDoP versions prior to 1.11 fails to handle appropriately some parameters inside the input data, resulting in a stack-based buffer overflow vulnerability. When a user of the affected product is tricked to process a specially crafted XML file, arbitrary code may be executed on the user's environment.

Product(s) Impacted

Product Versions
SDoP
  • ['UNKNOWN']

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

https://github.com/PhilipHazel/SDoP
https://github.com/PhilipHazel/SDoP/commit/ff83d851b4b39ff2fd37ab2ab14365649515b023
https://jvn.jp/en/jp/JVN16420523/

Tags

vultures@jpcert.or.jp
2024-07-29
CVE-2024-41881

Timeline

Published: July 29, 2024, 9:15 a.m.
Last Modified: July 29, 2024, 2:12 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

vultures@jpcert.or.jp

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.