From 773c40ba6f9672048f16cb7274cc596a0cf20254 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 22 Nov 2024 22:00:45 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2024/11xxx/CVE-2024-11392.json | 68 +++++++++++++++++++++++++++++-- 2024/11xxx/CVE-2024-11393.json | 68 +++++++++++++++++++++++++++++-- 2024/11xxx/CVE-2024-11394.json | 68 +++++++++++++++++++++++++++++-- 2024/11xxx/CVE-2024-11641.json | 18 +++++++++ 2024/6xxx/CVE-2024-6871.json | 68 +++++++++++++++++++++++++++++-- 2024/7xxx/CVE-2024-7238.json | 68 +++++++++++++++++++++++++++++-- 2024/7xxx/CVE-2024-7239.json | 68 +++++++++++++++++++++++++++++-- 2024/7xxx/CVE-2024-7240.json | 68 +++++++++++++++++++++++++++++-- 2024/7xxx/CVE-2024-7241.json | 68 +++++++++++++++++++++++++++++-- 2024/7xxx/CVE-2024-7242.json | 68 +++++++++++++++++++++++++++++-- 2024/7xxx/CVE-2024-7243.json | 68 +++++++++++++++++++++++++++++-- 2024/7xxx/CVE-2024-7244.json | 68 +++++++++++++++++++++++++++++-- 2024/7xxx/CVE-2024-7245.json | 68 +++++++++++++++++++++++++++++-- 2024/7xxx/CVE-2024-7253.json | 73 ++++++++++++++++++++++++++++++++-- 2024/7xxx/CVE-2024-7352.json | 68 +++++++++++++++++++++++++++++-- 2024/7xxx/CVE-2024-7391.json | 68 +++++++++++++++++++++++++++++-- 2024/7xxx/CVE-2024-7392.json | 68 +++++++++++++++++++++++++++++-- 2024/7xxx/CVE-2024-7508.json | 68 +++++++++++++++++++++++++++++-- 2024/7xxx/CVE-2024-7509.json | 68 +++++++++++++++++++++++++++++-- 2024/7xxx/CVE-2024-7510.json | 68 +++++++++++++++++++++++++++++-- 2024/7xxx/CVE-2024-7511.json | 68 +++++++++++++++++++++++++++++-- 2024/7xxx/CVE-2024-7565.json | 73 ++++++++++++++++++++++++++++++++-- 2024/8xxx/CVE-2024-8025.json | 73 ++++++++++++++++++++++++++++++++-- 2024/8xxx/CVE-2024-8355.json | 68 +++++++++++++++++++++++++++++-- 2024/8xxx/CVE-2024-8356.json | 68 +++++++++++++++++++++++++++++-- 2024/8xxx/CVE-2024-8357.json | 68 +++++++++++++++++++++++++++++-- 2024/8xxx/CVE-2024-8358.json | 68 +++++++++++++++++++++++++++++-- 2024/8xxx/CVE-2024-8359.json | 68 +++++++++++++++++++++++++++++-- 2024/8xxx/CVE-2024-8360.json | 68 +++++++++++++++++++++++++++++-- 2024/9xxx/CVE-2024-9112.json | 68 +++++++++++++++++++++++++++++-- 2024/9xxx/CVE-2024-9113.json | 68 +++++++++++++++++++++++++++++-- 2024/9xxx/CVE-2024-9114.json | 68 +++++++++++++++++++++++++++++-- 2024/9xxx/CVE-2024-9243.json | 68 +++++++++++++++++++++++++++++-- 2024/9xxx/CVE-2024-9244.json | 73 ++++++++++++++++++++++++++++++++-- 2024/9xxx/CVE-2024-9245.json | 73 ++++++++++++++++++++++++++++++++-- 2024/9xxx/CVE-2024-9246.json | 73 ++++++++++++++++++++++++++++++++-- 2024/9xxx/CVE-2024-9247.json | 73 ++++++++++++++++++++++++++++++++-- 2024/9xxx/CVE-2024-9248.json | 73 ++++++++++++++++++++++++++++++++-- 2024/9xxx/CVE-2024-9249.json | 73 ++++++++++++++++++++++++++++++++-- 2024/9xxx/CVE-2024-9250.json | 73 ++++++++++++++++++++++++++++++++-- 2024/9xxx/CVE-2024-9251.json | 73 ++++++++++++++++++++++++++++++++-- 2024/9xxx/CVE-2024-9252.json | 73 ++++++++++++++++++++++++++++++++-- 2024/9xxx/CVE-2024-9253.json | 73 ++++++++++++++++++++++++++++++++-- 2024/9xxx/CVE-2024-9254.json | 73 ++++++++++++++++++++++++++++++++-- 2024/9xxx/CVE-2024-9255.json | 73 ++++++++++++++++++++++++++++++++-- 2024/9xxx/CVE-2024-9256.json | 73 ++++++++++++++++++++++++++++++++-- 2024/9xxx/CVE-2024-9258.json | 68 +++++++++++++++++++++++++++++-- 2024/9xxx/CVE-2024-9259.json | 68 +++++++++++++++++++++++++++++-- 2024/9xxx/CVE-2024-9260.json | 68 +++++++++++++++++++++++++++++-- 2024/9xxx/CVE-2024-9261.json | 68 +++++++++++++++++++++++++++++-- 2024/9xxx/CVE-2024-9767.json | 68 +++++++++++++++++++++++++++++-- 51 files changed, 3298 insertions(+), 200 deletions(-) create mode 100644 2024/11xxx/CVE-2024-11641.json diff --git a/2024/11xxx/CVE-2024-11392.json b/2024/11xxx/CVE-2024-11392.json index 0a1b775e33d..9fc21a91d74 100644 --- a/2024/11xxx/CVE-2024-11392.json +++ b/2024/11xxx/CVE-2024-11392.json @@ -1,17 +1,77 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-11392", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Hugging Face Transformers MobileViTV2 Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of configuration files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-24322." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-502: Deserialization of Untrusted Data", + "cweId": "CWE-502" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Hugging Face", + "product": { + "product_data": [ + { + "product_name": "Transformers", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "940fde8dafaecb8f17b588c5078291f1c1a420c8" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1513/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-1513/" + } + ] + }, + "source": { + "lang": "en", + "value": "The_Kernel_Panic" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH" } ] } diff --git a/2024/11xxx/CVE-2024-11393.json b/2024/11xxx/CVE-2024-11393.json index 529659ccff4..2556d05cec1 100644 --- a/2024/11xxx/CVE-2024-11393.json +++ b/2024/11xxx/CVE-2024-11393.json @@ -1,17 +1,77 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-11393", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Hugging Face Transformers MaskFormer Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of model files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-25191." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-502: Deserialization of Untrusted Data", + "cweId": "CWE-502" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Hugging Face", + "product": { + "product_data": [ + { + "product_name": "Transformers", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "8820fe8b8c4b9da94cf1e4761876f85c562e0efe" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1514/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-1514/" + } + ] + }, + "source": { + "lang": "en", + "value": "The_Kernel_Panic" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/11xxx/CVE-2024-11394.json b/2024/11xxx/CVE-2024-11394.json index 1f604e9c41a..7cee4b52f02 100644 --- a/2024/11xxx/CVE-2024-11394.json +++ b/2024/11xxx/CVE-2024-11394.json @@ -1,17 +1,77 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-11394", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Hugging Face Transformers Trax Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of model files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-25012." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-502: Deserialization of Untrusted Data", + "cweId": "CWE-502" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Hugging Face", + "product": { + "product_data": [ + { + "product_name": "Transformers", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "026a173a64372e9602a16523b8fae9de4b0ff428" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1515/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-1515/" + } + ] + }, + "source": { + "lang": "en", + "value": "The_Kernel_Panic" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/11xxx/CVE-2024-11641.json b/2024/11xxx/CVE-2024-11641.json new file mode 100644 index 00000000000..e26d7a8a400 --- /dev/null +++ b/2024/11xxx/CVE-2024-11641.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-11641", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/6xxx/CVE-2024-6871.json b/2024/6xxx/CVE-2024-6871.json index 655fe2ab11e..2d4a97cfd83 100644 --- a/2024/6xxx/CVE-2024-6871.json +++ b/2024/6xxx/CVE-2024-6871.json @@ -1,17 +1,77 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-6871", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "G DATA Total Security Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of G DATA Total Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the handling of autostart tasks. The issue results from incorrect permissions set on folders. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-22629." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-732: Incorrect Permission Assignment for Critical Resource", + "cweId": "CWE-732" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "G DATA", + "product": { + "product_data": [ + { + "product_name": "Total Security", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "25.5.15.21" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1486/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-1486/" + } + ] + }, + "source": { + "lang": "en", + "value": "Kolja Grassmann (cirosec GmbH)" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7, + "baseSeverity": "HIGH" } ] } diff --git a/2024/7xxx/CVE-2024-7238.json b/2024/7xxx/CVE-2024-7238.json index 0e1b1f347b9..4219f22d4c0 100644 --- a/2024/7xxx/CVE-2024-7238.json +++ b/2024/7xxx/CVE-2024-7238.json @@ -1,17 +1,77 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-7238", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "VIPRE Advanced Security SBAMSvc Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Advanced Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the Anti Malware Service. By creating a symbolic link, an attacker can abuse the service to delete a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-22238." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-59: Improper Link Resolution Before File Access ('Link Following')", + "cweId": "CWE-59" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "VIPRE", + "product": { + "product_data": [ + { + "product_name": "Advanced Security", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "12.0.1.214" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1011/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-1011/" + } + ] + }, + "source": { + "lang": "en", + "value": "Nicholas Zubrisky and Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/7xxx/CVE-2024-7239.json b/2024/7xxx/CVE-2024-7239.json index 41f770c3842..50b35e306a8 100644 --- a/2024/7xxx/CVE-2024-7239.json +++ b/2024/7xxx/CVE-2024-7239.json @@ -1,17 +1,77 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-7239", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "VIPRE Advanced Security Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Advanced Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the Anti Malware Service. By creating a symbolic link, an attacker can abuse the service to delete a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-22314." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-59: Improper Link Resolution Before File Access ('Link Following')", + "cweId": "CWE-59" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "VIPRE", + "product": { + "product_data": [ + { + "product_name": "Advanced Security", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "12.0.1.214" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1010/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-1010/" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/7xxx/CVE-2024-7240.json b/2024/7xxx/CVE-2024-7240.json index f83b4e9d83a..e5bb4b7c47c 100644 --- a/2024/7xxx/CVE-2024-7240.json +++ b/2024/7xxx/CVE-2024-7240.json @@ -1,17 +1,77 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-7240", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "F-Secure Total Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of F-Secure Total. User interaction on the part of an administrator is required to exploit this vulnerability.\n\nThe specific flaw exists within the WithSecure plugin hosting service. By creating a symbolic link, an attacker can abuse the service to create a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-23005." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-59: Improper Link Resolution Before File Access ('Link Following')", + "cweId": "CWE-59" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "F-Secure", + "product": { + "product_data": [ + { + "product_name": "Total", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "19.2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1012/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-1012/" + } + ] + }, + "source": { + "lang": "en", + "value": "Nicholas Zubrisky (@NZubrisky) and Michael DePlante (@izobashi) of Trend Micro's Zero Day Initiative" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.3, + "baseSeverity": "HIGH" } ] } diff --git a/2024/7xxx/CVE-2024-7241.json b/2024/7xxx/CVE-2024-7241.json index 6b0db23fcf3..bb9fd9076df 100644 --- a/2024/7xxx/CVE-2024-7241.json +++ b/2024/7xxx/CVE-2024-7241.json @@ -1,17 +1,77 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-7241", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Panda Security Dome Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Panda Security Dome. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the PSANHost service. By creating a junction, an attacker can abuse the service to create an arbitrary file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-23375." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-59: Improper Link Resolution Before File Access ('Link Following')", + "cweId": "CWE-59" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Panda Security", + "product": { + "product_data": [ + { + "product_name": "Dome", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "22.02.01" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1016/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-1016/" + } + ] + }, + "source": { + "lang": "en", + "value": "Nicholas Zubrisky (@NZubrisky) and Michael DePlante (@izobashi) of Trend Micro's Zero Day Initiative" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/7xxx/CVE-2024-7242.json b/2024/7xxx/CVE-2024-7242.json index 61fc5ccfe1f..375642f2738 100644 --- a/2024/7xxx/CVE-2024-7242.json +++ b/2024/7xxx/CVE-2024-7242.json @@ -1,17 +1,77 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-7242", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Panda Security Dome Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Panda Security Dome. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the PSANHost executable. By creating a junction, an attacker can abuse the service to delete arbitrary files. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-23402." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-59: Improper Link Resolution Before File Access ('Link Following')", + "cweId": "CWE-59" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Panda Security", + "product": { + "product_data": [ + { + "product_name": "Dome", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "22.02.01" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1017/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-1017/" + } + ] + }, + "source": { + "lang": "en", + "value": "Nicholas Zubrisky (@NZubrisky) and Michael DePlante (@izobashi) of Trend Micro's Zero Day Initiative" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/7xxx/CVE-2024-7243.json b/2024/7xxx/CVE-2024-7243.json index 115bac3361e..54438afa63c 100644 --- a/2024/7xxx/CVE-2024-7243.json +++ b/2024/7xxx/CVE-2024-7243.json @@ -1,17 +1,77 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-7243", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Panda Security Dome Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Panda Security Dome. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the PSANHost executable. By creating a junction, an attacker can abuse the service to create arbitrary files. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-23413." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-59: Improper Link Resolution Before File Access ('Link Following')", + "cweId": "CWE-59" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Panda Security", + "product": { + "product_data": [ + { + "product_name": "Dome", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "22.02.01" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1013/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-1013/" + } + ] + }, + "source": { + "lang": "en", + "value": "Nicholas Zubrisky (@NZubrisky) and Michael DePlante (@izobashi) of Trend Micro's Zero Day Initiative" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/7xxx/CVE-2024-7244.json b/2024/7xxx/CVE-2024-7244.json index 59762354feb..118e2b6bee2 100644 --- a/2024/7xxx/CVE-2024-7244.json +++ b/2024/7xxx/CVE-2024-7244.json @@ -1,17 +1,77 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-7244", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Panda Security Dome VPN DLL Hijacking Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Panda Security Dome. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the VPN process. The process does not restrict DLL search to trusted paths, which can result in the loading of a malicious DLL. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-23428." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-427: Uncontrolled Search Path Element", + "cweId": "CWE-427" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Panda Security", + "product": { + "product_data": [ + { + "product_name": "Dome", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "22.02.01" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1014/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-1014/" + } + ] + }, + "source": { + "lang": "en", + "value": "Nicholas Zubrisky (@NZubrisky) and Michael DePlante (@izobashi) of Trend Micro's Zero Day Initiative" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/7xxx/CVE-2024-7245.json b/2024/7xxx/CVE-2024-7245.json index 1021d2aaf3d..06103fd8eeb 100644 --- a/2024/7xxx/CVE-2024-7245.json +++ b/2024/7xxx/CVE-2024-7245.json @@ -1,17 +1,77 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-7245", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Panda Security Dome VPN Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Panda Security Dome. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the Hydra Sdk Windows Service. The issue lies in the lack of proper permissions set on a folder created by the service. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-23429." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-732: Incorrect Permission Assignment for Critical Resource", + "cweId": "CWE-732" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Panda Security", + "product": { + "product_data": [ + { + "product_name": "Dome", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "22.02.01" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1015/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-1015/" + } + ] + }, + "source": { + "lang": "en", + "value": "Nicholas Zubrisky (@NZubrisky) and Michael DePlante (@izobashi) of Trend Micro's Zero Day Initiative" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7, + "baseSeverity": "HIGH" } ] } diff --git a/2024/7xxx/CVE-2024-7253.json b/2024/7xxx/CVE-2024-7253.json index 497f7038796..df8e6cb6ed4 100644 --- a/2024/7xxx/CVE-2024-7253.json +++ b/2024/7xxx/CVE-2024-7253.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-7253", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "NoMachine Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of NoMachine. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within nxnode.exe. The process loads a library from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.\n\n. Was ZDI-CAN-24039." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-427: Uncontrolled Search Path Element", + "cweId": "CWE-427" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "NoMachine", + "product": { + "product_data": [ + { + "product_name": "NoMachine", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "8.11.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1042/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-1042/" + }, + { + "url": "https://kb.nomachine.com/TR07V11184", + "refsource": "MISC", + "name": "https://kb.nomachine.com/TR07V11184" + } + ] + }, + "source": { + "lang": "en", + "value": "bananabr" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/7xxx/CVE-2024-7352.json b/2024/7xxx/CVE-2024-7352.json index 439ad7594e0..67048c5684f 100644 --- a/2024/7xxx/CVE-2024-7352.json +++ b/2024/7xxx/CVE-2024-7352.json @@ -1,17 +1,77 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-7352", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "PDF-XChange Editor PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23550." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-787: Out-of-bounds Write", + "cweId": "CWE-787" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "PDF-XChange", + "product": { + "product_data": [ + { + "product_name": "PDF-XChange Editor", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "10.2.1.385" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1037/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-1037/" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/7xxx/CVE-2024-7391.json b/2024/7xxx/CVE-2024-7391.json index 52256a696fa..be420a35f64 100644 --- a/2024/7xxx/CVE-2024-7391.json +++ b/2024/7xxx/CVE-2024-7391.json @@ -1,17 +1,77 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-7391", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "ChargePoint Home Flex Bluetooth Low Energy Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of ChargePoint Home Flex charging devices. User interaction is required to exploit this vulnerability.\n\nThe specific flaw exists within the Wi-Fi setup logic. By connecting to the device over Bluetooth Low Energy during the setup process, an attacker can obtain Wi-Fi credentials. An attacker can leverage this vulnerability to disclose credentials and gain access to the device owner's Wi-Fi network. Was ZDI-CAN-21454." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", + "cweId": "CWE-200" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "ChargePoint", + "product": { + "product_data": [ + { + "product_name": "Home Flex", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "5.5.3.13" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1046/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-1046/" + } + ] + }, + "source": { + "lang": "en", + "value": "Todd Manning of Trend Micro Research" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N", + "baseScore": 2.6, + "baseSeverity": "LOW" } ] } diff --git a/2024/7xxx/CVE-2024-7392.json b/2024/7xxx/CVE-2024-7392.json index 1a681a3dab7..2ff3e8fd530 100644 --- a/2024/7xxx/CVE-2024-7392.json +++ b/2024/7xxx/CVE-2024-7392.json @@ -1,17 +1,77 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-7392", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "ChargePoint Home Flex Bluetooth Low Energy Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to create a denial-of-service condition on affected installations of ChargePoint Home Flex charging devices. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the connection handling of the Bluetooth Low Energy interface. The issue results from limiting the number of active connections to the product. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-21455." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-410: Insufficient Resource Pool", + "cweId": "CWE-410" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "ChargePoint", + "product": { + "product_data": [ + { + "product_name": "Home Flex", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "5.5.3.13" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1047/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-1047/" + } + ] + }, + "source": { + "lang": "en", + "value": "Todd Manning" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" } ] } diff --git a/2024/7xxx/CVE-2024-7508.json b/2024/7xxx/CVE-2024-7508.json index 467971f431e..a67f1ae6b43 100644 --- a/2024/7xxx/CVE-2024-7508.json +++ b/2024/7xxx/CVE-2024-7508.json @@ -1,17 +1,77 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-7508", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Trimble SketchUp Viewer SKP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of SKP files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-19575." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-122: Heap-based Buffer Overflow", + "cweId": "CWE-122" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Trimble", + "product": { + "product_data": [ + { + "product_name": "SketchUp Viewer", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "22.0.354.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1054/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-1054/" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/7xxx/CVE-2024-7509.json b/2024/7xxx/CVE-2024-7509.json index 2b7e573febc..f6a5c8ef9f5 100644 --- a/2024/7xxx/CVE-2024-7509.json +++ b/2024/7xxx/CVE-2024-7509.json @@ -1,17 +1,77 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-7509", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Trimble SketchUp SKP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of SKP files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-19576." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-121: Stack-based Buffer Overflow", + "cweId": "CWE-121" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Trimble", + "product": { + "product_data": [ + { + "product_name": "SketchUp", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "22.0.354.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1055/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-1055/" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/7xxx/CVE-2024-7510.json b/2024/7xxx/CVE-2024-7510.json index f19a5ebc386..d80571fb1f3 100644 --- a/2024/7xxx/CVE-2024-7510.json +++ b/2024/7xxx/CVE-2024-7510.json @@ -1,17 +1,77 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-7510", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Trimble SketchUp SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of SKP files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-19631." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-416: Use After Free", + "cweId": "CWE-416" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Trimble", + "product": { + "product_data": [ + { + "product_name": "SketchUp", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "22.0.354.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1056/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-1056/" + } + ] + }, + "source": { + "lang": "en", + "value": "Michael DePlante (@izobashi) of Trend Micro's Zero Day Initiative" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/7xxx/CVE-2024-7511.json b/2024/7xxx/CVE-2024-7511.json index d16189ec5f4..df48bf7cb4c 100644 --- a/2024/7xxx/CVE-2024-7511.json +++ b/2024/7xxx/CVE-2024-7511.json @@ -1,17 +1,77 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-7511", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Trimble SketchUp Pro SKP File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Trimble SketchUp Pro. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PSD files embedded in SKP files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-23000." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-125: Out-of-bounds Read", + "cweId": "CWE-125" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Trimble", + "product": { + "product_data": [ + { + "product_name": "SketchUp Pro", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "23.1.340" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1057/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-1057/" + } + ] + }, + "source": { + "lang": "en", + "value": "Vladislav Berghici" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "baseScore": 3.3, + "baseSeverity": "LOW" } ] } diff --git a/2024/7xxx/CVE-2024-7565.json b/2024/7xxx/CVE-2024-7565.json index e0aea25105c..2b5dc6e5b22 100644 --- a/2024/7xxx/CVE-2024-7565.json +++ b/2024/7xxx/CVE-2024-7565.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-7565", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "SMARTBEAR SoapUI unpackageAll Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of SMARTBEAR SoapUI. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the unpackageAll function. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-19060." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", + "cweId": "CWE-22" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "SMARTBEAR", + "product": { + "product_data": [ + { + "product_name": "SoapUI", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "SoapUI 5.7.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1100/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-1100/" + }, + { + "url": "https://www.soapui.org/downloads/latest-release/release-notes/", + "refsource": "MISC", + "name": "https://www.soapui.org/downloads/latest-release/release-notes/" + } + ] + }, + "source": { + "lang": "en", + "value": "kimiya" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/8xxx/CVE-2024-8025.json b/2024/8xxx/CVE-2024-8025.json index 50e9d12a2a6..757504089a3 100644 --- a/2024/8xxx/CVE-2024-8025.json +++ b/2024/8xxx/CVE-2024-8025.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-8025", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Nikon NEF Codec Thumbnail Provider NRW File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Nikon NEF Codec. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of NRW files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-19873." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-122: Heap-based Buffer Overflow", + "cweId": "CWE-122" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Nikon", + "product": { + "product_data": [ + { + "product_name": "NEF Codec", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.31.2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1422/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-1422/" + }, + { + "url": "https://downloadcenter.nikonimglib.com/en/download/sw/259.html", + "refsource": "MISC", + "name": "https://downloadcenter.nikonimglib.com/en/download/sw/259.html" + } + ] + }, + "source": { + "lang": "en", + "value": "rgod" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7, + "baseSeverity": "HIGH" } ] } diff --git a/2024/8xxx/CVE-2024-8355.json b/2024/8xxx/CVE-2024-8355.json index 7899bfa4a6e..e2c1acb07f7 100644 --- a/2024/8xxx/CVE-2024-8355.json +++ b/2024/8xxx/CVE-2024-8355.json @@ -1,17 +1,77 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-8355", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Visteon Infotainment System DeviceManager iAP Serial Number SQL Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Visteon Infotainment system. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DeviceManager. When parsing the iAP Serial number, the process does not properly validate a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20112." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "cweId": "CWE-89" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Visteon", + "product": { + "product_data": [ + { + "product_name": "Infotainment", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "74.00.311A" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1208/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-1208/" + } + ] + }, + "source": { + "lang": "en", + "value": "Ricky \"HeadlessZeke\" Lawshae" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 6.8, + "baseSeverity": "MEDIUM" } ] } diff --git a/2024/8xxx/CVE-2024-8356.json b/2024/8xxx/CVE-2024-8356.json index a6ccd27e2fb..172531c99db 100644 --- a/2024/8xxx/CVE-2024-8356.json +++ b/2024/8xxx/CVE-2024-8356.json @@ -1,17 +1,77 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-8356", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Visteon Infotainment VIP MCU Code Insufficient Validation of Data Authenticity Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Visteon Infotainment systems. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the firmware update process of the VIP microcontroller. The process does not properly verify authenticity of the supplied firmware image before programming it into internal memory. An attacker can leverage this vulnerability to escalate privileges execute arbitrary code in the context of the VIP MCU. Was ZDI-CAN-23758." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-345: Insufficient Verification of Data Authenticity", + "cweId": "CWE-345" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Visteon", + "product": { + "product_data": [ + { + "product_name": "Infotainment", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "cmu150_NA_74.00.324A" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1188/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-1188/" + } + ] + }, + "source": { + "lang": "en", + "value": "Dmitry \"InfoSecDJ\" Janushkevich of Trend Micro Zero Day Initiative" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/8xxx/CVE-2024-8357.json b/2024/8xxx/CVE-2024-8357.json index 5721109adc3..a890cc72146 100644 --- a/2024/8xxx/CVE-2024-8357.json +++ b/2024/8xxx/CVE-2024-8357.json @@ -1,17 +1,77 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-8357", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Visteon Infotainment App SoC Missing Immutable Root of Trust in Hardware Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Visteon Infotainment systems. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the configuration of the application system-on-chip (SoC). The issue results from the lack of properly configured hardware root of trust. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the boot process. Was ZDI-CAN-23759." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-1326: Missing Immutable Root of Trust in Hardware", + "cweId": "CWE-1326" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Visteon", + "product": { + "product_data": [ + { + "product_name": "Infotainment", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "cmu150_NA_74.00.324A" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1189/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-1189/" + } + ] + }, + "source": { + "lang": "en", + "value": "Dmitry \"InfoSecDJ\" Janushkevich of Trend Micro Zero Day Initiative" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/8xxx/CVE-2024-8358.json b/2024/8xxx/CVE-2024-8358.json index 205e09377fd..b83b0caaf3f 100644 --- a/2024/8xxx/CVE-2024-8358.json +++ b/2024/8xxx/CVE-2024-8358.json @@ -1,17 +1,77 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-8358", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Visteon Infotainment UPDATES_ExtractFile Command Injection Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Visteon Infotainment systems. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the UPDATES_ExtractFile function. A crafted software update file can trigger execution of a system call composed from a user-supplied string. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-23422." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", + "cweId": "CWE-78" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Visteon", + "product": { + "product_data": [ + { + "product_name": "Infotainment", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "cmu150_NA_74.00.324A" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1190/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-1190/" + } + ] + }, + "source": { + "lang": "en", + "value": "Dmitry \"InfoSecDJ\" Janushkevich of Trend Micro Zero Day Initiative" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 6.8, + "baseSeverity": "MEDIUM" } ] } diff --git a/2024/8xxx/CVE-2024-8359.json b/2024/8xxx/CVE-2024-8359.json index d8797cc2dd9..bce1b6562ab 100644 --- a/2024/8xxx/CVE-2024-8359.json +++ b/2024/8xxx/CVE-2024-8359.json @@ -1,17 +1,77 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-8359", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Visteon Infotainment REFLASH_DDU_FindFile Command Injection Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Visteon Infotainment systems. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the REFLASH_DDU_FindFile function. A crafted software update file can trigger execution of a system call composed from a user-supplied string. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-23420." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", + "cweId": "CWE-78" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Visteon", + "product": { + "product_data": [ + { + "product_name": "Infotainment", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "cmu150_NA_74.00.324A" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1191/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-1191/" + } + ] + }, + "source": { + "lang": "en", + "value": "Dmitry \"InfoSecDJ\" Janushkevich of Trend Micro Zero Day Initiative" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 6.8, + "baseSeverity": "MEDIUM" } ] } diff --git a/2024/8xxx/CVE-2024-8360.json b/2024/8xxx/CVE-2024-8360.json index 7a55abde6f7..698da6b0f3b 100644 --- a/2024/8xxx/CVE-2024-8360.json +++ b/2024/8xxx/CVE-2024-8360.json @@ -1,17 +1,77 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-8360", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Visteon Infotainment REFLASH_DDU_ExtractFile Command Injection Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Visteon Infotainment systems. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the REFLASH_DDU_ExtractFile function. A crafted software update file can trigger execution of a system call composed from a user-supplied string. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-23421." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", + "cweId": "CWE-78" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Visteon", + "product": { + "product_data": [ + { + "product_name": "Infotainment", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "cmu150_NA_74.00.324A" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1192/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-1192/" + } + ] + }, + "source": { + "lang": "en", + "value": "Dmitry \"InfoSecDJ\" Janushkevich of Trend Micro Zero Day Initiative" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 6.8, + "baseSeverity": "MEDIUM" } ] } diff --git a/2024/9xxx/CVE-2024-9112.json b/2024/9xxx/CVE-2024-9112.json index ec67e666b77..9b9c2ba14bb 100644 --- a/2024/9xxx/CVE-2024-9112.json +++ b/2024/9xxx/CVE-2024-9112.json @@ -1,17 +1,77 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-9112", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "FastStone Image Viewer PSD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FastStone Image Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PSD files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25102." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-787: Out-of-bounds Write", + "cweId": "CWE-787" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "FastStone", + "product": { + "product_data": [ + { + "product_name": "Image Viewer", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "7.8" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1273/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-1273/" + } + ] + }, + "source": { + "lang": "en", + "value": "Zeze with TeamT5" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/9xxx/CVE-2024-9113.json b/2024/9xxx/CVE-2024-9113.json index 62a11fd5d05..8e26a3e1491 100644 --- a/2024/9xxx/CVE-2024-9113.json +++ b/2024/9xxx/CVE-2024-9113.json @@ -1,17 +1,77 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-9113", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "FastStone Image Viewer TGA File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FastStone Image Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of TGA files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25140." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-787: Out-of-bounds Write", + "cweId": "CWE-787" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "FastStone", + "product": { + "product_data": [ + { + "product_name": "Image Viewer", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "7.8" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1274/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-1274/" + } + ] + }, + "source": { + "lang": "en", + "value": "Zeze with TeamT5" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/9xxx/CVE-2024-9114.json b/2024/9xxx/CVE-2024-9114.json index 20f853011c9..c96a9b5a88e 100644 --- a/2024/9xxx/CVE-2024-9114.json +++ b/2024/9xxx/CVE-2024-9114.json @@ -1,17 +1,77 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-9114", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "FastStone Image Viewer GIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FastStone Image Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of GIF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25145." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-787: Out-of-bounds Write", + "cweId": "CWE-787" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "FastStone", + "product": { + "product_data": [ + { + "product_name": "Image Viewer", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "7.8" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1275/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-1275/" + } + ] + }, + "source": { + "lang": "en", + "value": "Zeze with TeamT5" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/9xxx/CVE-2024-9243.json b/2024/9xxx/CVE-2024-9243.json index 94e1f891aa1..a39db97b45b 100644 --- a/2024/9xxx/CVE-2024-9243.json +++ b/2024/9xxx/CVE-2024-9243.json @@ -1,17 +1,77 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-9243", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader AcroForm Doc Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23932." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-416: Use After Free", + "cweId": "CWE-416" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2024.1.0.23997" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1296/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-1296/" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/9xxx/CVE-2024-9244.json b/2024/9xxx/CVE-2024-9244.json index 2c455df84d8..e666036d678 100644 --- a/2024/9xxx/CVE-2024-9244.json +++ b/2024/9xxx/CVE-2024-9244.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-9244", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader Update Service Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Foxit PDF Reader. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the handling of the configuration files used by the Foxit Reader Update Service. The issue results from incorrect permissions set on a resource used by the service. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of SYSTEM. Was ZDI-CAN-23933." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-732: Incorrect Permission Assignment for Critical Resource", + "cweId": "CWE-732" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2024.1.0.23997" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1298/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-1298/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "EthicalChaos" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/9xxx/CVE-2024-9245.json b/2024/9xxx/CVE-2024-9245.json index db5119c3a11..a6cd4d0b691 100644 --- a/2024/9xxx/CVE-2024-9245.json +++ b/2024/9xxx/CVE-2024-9245.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-9245", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader Update Service Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Foxit PDF Reader. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the handling of the configuration files used by the Foxit Reader Update Service. The issue results from incorrect permissions set on a resource used by the service. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of SYSTEM. Was ZDI-CAN-23966." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-732: Incorrect Permission Assignment for Critical Resource", + "cweId": "CWE-732" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2024.2.0.25138" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1297/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-1297/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Patrick Nassef Henry (@Patrick0x41)" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/9xxx/CVE-2024-9246.json b/2024/9xxx/CVE-2024-9246.json index 5248d19df8f..0e70794f298 100644 --- a/2024/9xxx/CVE-2024-9246.json +++ b/2024/9xxx/CVE-2024-9246.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-9246", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader Annotation Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Annotation objects. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-24135." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-125: Out-of-bounds Read", + "cweId": "CWE-125" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2024.2.0.25138" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1299/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-1299/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "baseScore": 3.3, + "baseSeverity": "LOW" } ] } diff --git a/2024/9xxx/CVE-2024-9247.json b/2024/9xxx/CVE-2024-9247.json index 7c4ae9e87a0..860b458337b 100644 --- a/2024/9xxx/CVE-2024-9247.json +++ b/2024/9xxx/CVE-2024-9247.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-9247", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader Annotation Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Annotation objects. The issue results from the lack of proper validation of user-supplied data, which can result in a write before the start of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24173." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-787: Out-of-bounds Write", + "cweId": "CWE-787" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2024.2.0.25138" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1300/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-1300/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/9xxx/CVE-2024-9248.json b/2024/9xxx/CVE-2024-9248.json index 16242fd05e2..99363dc8b21 100644 --- a/2024/9xxx/CVE-2024-9248.json +++ b/2024/9xxx/CVE-2024-9248.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-9248", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24300." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-787: Out-of-bounds Write", + "cweId": "CWE-787" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2024.2.2.25170" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1302/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-1302/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/9xxx/CVE-2024-9249.json b/2024/9xxx/CVE-2024-9249.json index 8ceea5fe1f3..54c8fdc1561 100644 --- a/2024/9xxx/CVE-2024-9249.json +++ b/2024/9xxx/CVE-2024-9249.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-9249", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader PDF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24301." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-125: Out-of-bounds Read", + "cweId": "CWE-125" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2024.2.2.25170" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1301/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-1301/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/9xxx/CVE-2024-9250.json b/2024/9xxx/CVE-2024-9250.json index 6a25f81ec67..ec0b19b379f 100644 --- a/2024/9xxx/CVE-2024-9250.json +++ b/2024/9xxx/CVE-2024-9250.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-9250", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24489." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-416: Use After Free", + "cweId": "CWE-416" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2024.2.2.25170" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1303/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-1303/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/9xxx/CVE-2024-9251.json b/2024/9xxx/CVE-2024-9251.json index 4564623ef00..711401316e2 100644 --- a/2024/9xxx/CVE-2024-9251.json +++ b/2024/9xxx/CVE-2024-9251.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-9251", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-24490." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-416: Use After Free", + "cweId": "CWE-416" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2024.2.2.25170" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1306/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-1306/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "baseScore": 3.3, + "baseSeverity": "LOW" } ] } diff --git a/2024/9xxx/CVE-2024-9252.json b/2024/9xxx/CVE-2024-9252.json index 962ad0c498e..e0b55d2da66 100644 --- a/2024/9xxx/CVE-2024-9252.json +++ b/2024/9xxx/CVE-2024-9252.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-9252", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader AcroForm Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-24491." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-416: Use After Free", + "cweId": "CWE-416" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2024.2.2.25170" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1304/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-1304/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "baseScore": 3.3, + "baseSeverity": "LOW" } ] } diff --git a/2024/9xxx/CVE-2024-9253.json b/2024/9xxx/CVE-2024-9253.json index 16bf7fb2073..4b35e12febd 100644 --- a/2024/9xxx/CVE-2024-9253.json +++ b/2024/9xxx/CVE-2024-9253.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-9253", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of AcroForms. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-24492." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-125: Out-of-bounds Read", + "cweId": "CWE-125" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2024.2.2.25170" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1305/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-1305/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "baseScore": 3.3, + "baseSeverity": "LOW" } ] } diff --git a/2024/9xxx/CVE-2024-9254.json b/2024/9xxx/CVE-2024-9254.json index 38618d59b47..04832cea95f 100644 --- a/2024/9xxx/CVE-2024-9254.json +++ b/2024/9xxx/CVE-2024-9254.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-9254", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25173." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-416: Use After Free", + "cweId": "CWE-416" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2024.2.3.25184" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1307/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-1307/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/9xxx/CVE-2024-9255.json b/2024/9xxx/CVE-2024-9255.json index 3688ea7976c..445bcb57d76 100644 --- a/2024/9xxx/CVE-2024-9255.json +++ b/2024/9xxx/CVE-2024-9255.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-9255", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25174." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-416: Use After Free", + "cweId": "CWE-416" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2024.2.3.25184" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1308/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-1308/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/9xxx/CVE-2024-9256.json b/2024/9xxx/CVE-2024-9256.json index 4b93bc56b8d..8ee79de8309 100644 --- a/2024/9xxx/CVE-2024-9256.json +++ b/2024/9xxx/CVE-2024-9256.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-9256", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of AcroForms. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-25267." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-125: Out-of-bounds Read", + "cweId": "CWE-125" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2024.2.3.25184" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1309/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-1309/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Mat Powell of Trend Micro Zero Day Initiative" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "baseScore": 3.3, + "baseSeverity": "LOW" } ] } diff --git a/2024/9xxx/CVE-2024-9258.json b/2024/9xxx/CVE-2024-9258.json index 05bf0c85bd9..f13b9be21b8 100644 --- a/2024/9xxx/CVE-2024-9258.json +++ b/2024/9xxx/CVE-2024-9258.json @@ -1,17 +1,77 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-9258", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "IrfanView SID File Parsing Uninitialized Pointer Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of SID files. The issue results from the lack of proper initialization of a pointer prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23276." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-824: Access of Uninitialized Pointer", + "cweId": "CWE-824" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IrfanView", + "product": { + "product_data": [ + { + "product_name": "IrfanView", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "4.66 64bit" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1370/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-1370/" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/9xxx/CVE-2024-9259.json b/2024/9xxx/CVE-2024-9259.json index 28ea8b1a770..b4d33516af1 100644 --- a/2024/9xxx/CVE-2024-9259.json +++ b/2024/9xxx/CVE-2024-9259.json @@ -1,17 +1,77 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-9259", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "IrfanView SID File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of SID files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23278." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-787: Out-of-bounds Write", + "cweId": "CWE-787" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IrfanView", + "product": { + "product_data": [ + { + "product_name": "IrfanView", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "4.66 64bit" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1372/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-1372/" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/9xxx/CVE-2024-9260.json b/2024/9xxx/CVE-2024-9260.json index da4f510f767..0e162c8f9c4 100644 --- a/2024/9xxx/CVE-2024-9260.json +++ b/2024/9xxx/CVE-2024-9260.json @@ -1,17 +1,77 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-9260", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "IrfanView SID File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of SID files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23280." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-787: Out-of-bounds Write", + "cweId": "CWE-787" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IrfanView", + "product": { + "product_data": [ + { + "product_name": "IrfanView", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "4.66 64bit" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1373/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-1373/" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/9xxx/CVE-2024-9261.json b/2024/9xxx/CVE-2024-9261.json index 7e400b9c9c6..3693b2ee746 100644 --- a/2024/9xxx/CVE-2024-9261.json +++ b/2024/9xxx/CVE-2024-9261.json @@ -1,17 +1,77 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-9261", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "IrfanView SID File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of SID files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23283." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-121: Stack-based Buffer Overflow", + "cweId": "CWE-121" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IrfanView", + "product": { + "product_data": [ + { + "product_name": "IrfanView", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "4.66 64bit" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1374/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-1374/" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/9xxx/CVE-2024-9767.json b/2024/9xxx/CVE-2024-9767.json index 49eed373250..fc5c8adb5b0 100644 --- a/2024/9xxx/CVE-2024-9767.json +++ b/2024/9xxx/CVE-2024-9767.json @@ -1,17 +1,77 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-9767", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "IrfanView SID File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of SID files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23277." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-125: Out-of-bounds Read", + "cweId": "CWE-125" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IrfanView", + "product": { + "product_data": [ + { + "product_name": "IrfanView", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "4.66 64bit" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1371/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-1371/" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] }