CVE-2024-9739

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Nov 22, 2024
Updated: Nov 25, 2024
CWE ID 119
CWE ID 787

Summary

CVE-2024-9739 is a remote code execution vulnerability affecting Tungsten Automation Power PDF. This issue arises from insufficient validation of user-supplied data during PDF file parsing, leading to memory corruption. Exploitation requires the target to visit a malicious webpage or open a specially crafted PDF file. Successful attacks allow an attacker to execute arbitrary code in the context of the current process. (ZDI-CAN-24455)

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share