Products
Bandisoft BandiView
- 7.05
Source
cve@mitre.org
Tags
CVE-2024-45872 details
Published : Oct. 3, 2024, 5:15 p.m.
Last Modified : Oct. 3, 2024, 8:35 p.m.
Last Modified : Oct. 3, 2024, 8:35 p.m.
Description
Bandisoft BandiView 7.05 is vulnerable to Buffer Overflow via sub_0x410d1d. The vulnerability occurs due to insufficient validation of PSD files.
CVSS Score
1 | 2 | 3 | 4 | 5 | 6.3 | 7 | 8 | 9 | 10 |
---|
Weakness
Weakness | Name | Description |
---|---|---|
CWE-122 | Heap-based Buffer Overflow | A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc(). |
CVSS Data
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
Base Score
6.3
Exploitability Score
2.8
Impact Score
3.4
Base Severity
MEDIUM
Vector String : CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
References
URL | Source |
---|---|
https://github.com/Jaecho6053/BandiView_PoC | cve@mitre.org |
This website uses the NVD API, but is not approved or certified by it.