CVE-2024-33063

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Dec 2, 2024
Updated: Dec 12, 2024
CWE ID 190

Summary

CVE-2024-33063 is a newly discovered vulnerability that can cause a Transient Denial of Service (DoS) attack. This issue arises when parsing the Multi-Language (ML) Internet Explorer (IE) element in a specific context. The vulnerability occurs when the common info length of the ML IE exceeds the ML IE size, leading to an unexpected behavior that consumes system resources and causes the DoS effect. This issue can potentially impact systems that support or use Internet Explorer with ML IE parsing functionality. It is recommended to apply patches or updates as soon as they become available to mitigate this vulnerability.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share