CVE-2018-9412

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Nov 19, 2024
Updated: Dec 11, 2024

Summary

CVE-2018-9412 is a resource exhaustion vulnerability affecting the ID3.cpp module in certain software applications. The issue lies in the "removeUnsynchronization" function, which fails to adequately validate user input. An attacker can exploit this weakness by providing malicious input, leading to an excessive consumption of system resources. The consequence is a Denial of Service condition, where the application becomes unresponsive or crashes, requiring user interaction to trigger the exploit. No elevated privileges are required for successful exploitation.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share