CVE-2024-6062

CVSS 3.1 Score 3.3 of 10 (low)

Details

Published Jun 17, 2024
Updated: Jun 20, 2024
CWE ID 476

Summary

CVE-2024-6602 is a newly disclosed vulnerability affecting the GPAC 2.5-DEV-rev228-g11067ea92-master component MP4Box. Specifically, the function swf_svg_add_iso_sample in the file src/filters/load_text.c contains a null pointer dereference issue. This vulnerability can be exploited locally, allowing attackers to manipulate the affected software. The exploit for this vulnerability has been made public, increasing the risk. To mitigate this issue, it is recommended to apply the patch with identifier 31e499d310a48bd17c8b055a0bfe0fe35887a7cd as soon as possible. VDB-268790 is the assigned identifier for this vulnerability.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Prioritize, Pinpoint, and Act to Prevent Vulnerability Exploits with Recorded Future

Note: This is just a basic overview providing quick insights into CVE-2024-6062 information. Gain full access to comprehensive CVE data, third party vulnerabilities, compromised credentials and more with Recorded Future
  • Gain complete coverage of your cyber, third party, and physical attack surface
  • Proactively mitigate threats before they turn into costly attacks
  • Make fast, effective, data-driven decisions