CVE-2024-42326
CVSS 3.1 Score 4.4 of 10 (medium)
Details
Summary
CVE-2024-42326 is a newly identified vulnerability that affects the browser component of a specific software. The issue lies within the es_browser_get_variant function in the file browser.c. A use-after-free bug was found in this function, which can lead to memory being freed prematurely and then subsequently being accessed, potentially resulting in unintended execution or crashes. Attackers could exploit this vulnerability to execute arbitrary code or perform denial-of-service attacks, depending on the specific context and conditions of the software's environment. Users are advised to update their software as soon as a patch becomes available to mitigate the risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Zabbix
Affected Vendors
- Zabbix LLC