CVE-2024-52060
Dec. 13, 2024, 11:15 a.m.
Tags
Product(s) Impacted
RTI Connext Professional
- 7.0.0 - 7.3.0.5
- 6.1.0 - 6.1.2.21
- 6.0.0 - unknown
- 5.3.0 - 5.3.1.45
Description
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional (Routing Service, Recording Service, Queuing Service, Observability Collector Service, Cloud Discovery Service) allows Buffer Overflow via Environment Variables.This issue affects Connext Professional: from 7.0.0 before 7.3.0.5, from 6.1.0 before 6.1.2.21, from 6.0.0 before 6.0.*, from 5.3.0 before 5.3.1.45.
Weaknesses
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.
CWE ID: 120Date
Published: Dec. 13, 2024, 11:15 a.m.
Last Modified: Dec. 13, 2024, 11:15 a.m.
Status : Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
3f572a00-62e2-4423-959a-7ea25eff1638