CVE-2024-45491
CVSS 3.1 Score 7.3 of 10 (high)
Details
Summary
CVE-2024-45491 is an integer overflow vulnerability in libexpat versions prior to 2.6.3, specifically in the dtdCopy function of xmlparse.c on 32-bit platforms. Affected products include a variety of systems. The vulnerability poses a high security risk, with an exploitability score of 3.9, because it potentially allows attackers to manipulate data over a network without requiring user interaction or elevated privileges. To remediate this issue, users are advised to upgrade to libexpat version 2.6.3 or later. The impact on confidentiality and integrity is rated low, but organizations should remain vigilant due to the nature of network-based attacks associated with this vulnerability.