CVE-2024-42328
CVSS 3.1 Score 3.3 of 10 (low)
Details
Published Nov 27, 2024
CWE ID 476
CWE ID 690
Summary
CVE-2024-42328 is a vulnerability affecting the webdriver for the Browser object. When downloading data from a HTTP server, the data pointer is initially set to NULL and is only allocated when data is received. If the server responds with an empty document, the data pointer will remain NULL, leading to a crash when the code attempts to read from it. This issue could potentially allow attackers to induce a denial-of-service condition or cause the browser to crash.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Zabbix
Affected Vendors
- Zabbix LLC