CVE-2018-9340

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Nov 19, 2024
Updated: Nov 20, 2024
CWE ID 787

Summary

CVE-2018-9340 is a vulnerability affecting the ResStringPool::setTo function in ResourceTypes.cpp. An attacker can manipulate the value of mStringPoolSize, resulting in an out-of-bounds condition. This issue leads to information disclosure. The vulnerability could potentially be exploited to gain unauthorized access to sensitive data. The specific impact of this vulnerability depends on the context in which it is exploited, but it poses a significant risk to security. Developers are encouraged to address this issue promptly to prevent potential attacks.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share