CVE-2024-24246

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Feb 29, 2024
Updated: Apr 1, 2024
CWE ID 787

Summary

CVE-2024-24246 is a Heap Buffer Overflow vulnerability affecting qpdf 11.9.0. Attackers can exploit this vulnerability to crash the application using the std::__shared_count() function at /bits/shared_ptr_base.h. The affected products include uKQez7, s5UiSY, and s5UiRj. To remediate this vulnerability, it is recommended to update qpdf to a version that includes a fix for the issue. This vulnerability poses a medium risk to organizations, with a base severity score of 5.5 and an impact score of 3.6. The attack vector is local, and user interaction is required for exploitation. While it does not impact confidentiality or integrity, it has a high availability impact.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-24246 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options