CVE-2024-9763
CVSS 3.1 Score 3.3 of 10 (low)
Details
Published Nov 22, 2024
Updated: Dec 5, 2024
CWE ID 125
Summary
CVE-2024-9763 is an Information Disclosure vulnerability affecting Tungsten Automation Power PDF. This issue arises due to inadequate validation of user-supplied data during PDF file parsing, resulting in an Out-of-Bounds Read. Remote attackers can exploit this vulnerability by compelling the target to visit a malicious webpage or open a malicious PDF file. Successful exploitation allows attackers to disclose sensitive information, potentially leading to more serious consequences like arbitrary code execution (as demonstrated by ZDI-CAN-24479).
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share