Vulnerabilities

CVE-2024-1112

by Fred · 31/01/2024

Heap-based buffer overflow vulnerability in Resource Hacker, developed by Angus Johnson, affecting version 3.6.0.92. This vulnerability could allow an attacker to execute arbitrary code via a long filename argument.

More information : https://www.incibe.es/en/incibe-cert/notices/aviso/buffer-overflow-vulnerability-resource-hacker

Attack vector : NETWORK
Attack complexity : LOW
Privileges required : NONE
User interaction : NONE
Confidentiality impact : HIGH
Integrity impact : HIGH
Base score : 9.8
Base severity : CRITICAL
Exploitability score : 3.9
Impact score : 5.9

Similar

Tags: Cybersecurity Alert