From b9d9143e0d9325f0bf789affd22798dabe7fcd0d Mon Sep 17 00:00:00 2001 From: CVE Team Date: Tue, 2 Apr 2024 21:00:32 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2024/25xxx/CVE-2024-25075.json | 56 +++++++++++++++++++++++--- 2024/27xxx/CVE-2024-27602.json | 56 +++++++++++++++++++++++--- 2024/27xxx/CVE-2024-27604.json | 56 +++++++++++++++++++++++--- 2024/27xxx/CVE-2024-27605.json | 56 +++++++++++++++++++++++--- 2024/29xxx/CVE-2024-29432.json | 61 +++++++++++++++++++++++++--- 2024/30xxx/CVE-2024-30336.json | 73 ++++++++++++++++++++++++++++++++-- 2024/30xxx/CVE-2024-30337.json | 73 ++++++++++++++++++++++++++++++++-- 2024/30xxx/CVE-2024-30338.json | 73 ++++++++++++++++++++++++++++++++-- 2024/30xxx/CVE-2024-30339.json | 73 ++++++++++++++++++++++++++++++++-- 2024/30xxx/CVE-2024-30340.json | 73 ++++++++++++++++++++++++++++++++-- 2024/30xxx/CVE-2024-30341.json | 73 ++++++++++++++++++++++++++++++++-- 2024/30xxx/CVE-2024-30342.json | 73 ++++++++++++++++++++++++++++++++-- 2024/30xxx/CVE-2024-30343.json | 73 ++++++++++++++++++++++++++++++++-- 2024/30xxx/CVE-2024-30344.json | 73 ++++++++++++++++++++++++++++++++-- 2024/30xxx/CVE-2024-30345.json | 73 ++++++++++++++++++++++++++++++++-- 2024/30xxx/CVE-2024-30346.json | 73 ++++++++++++++++++++++++++++++++-- 2024/30xxx/CVE-2024-30347.json | 73 ++++++++++++++++++++++++++++++++-- 2024/30xxx/CVE-2024-30348.json | 73 ++++++++++++++++++++++++++++++++-- 2024/30xxx/CVE-2024-30349.json | 73 ++++++++++++++++++++++++++++++++-- 2024/30xxx/CVE-2024-30350.json | 73 ++++++++++++++++++++++++++++++++-- 2024/30xxx/CVE-2024-30351.json | 73 ++++++++++++++++++++++++++++++++-- 2024/30xxx/CVE-2024-30352.json | 73 ++++++++++++++++++++++++++++++++-- 2024/30xxx/CVE-2024-30353.json | 73 ++++++++++++++++++++++++++++++++-- 2024/30xxx/CVE-2024-30354.json | 73 ++++++++++++++++++++++++++++++++-- 2024/30xxx/CVE-2024-30355.json | 73 ++++++++++++++++++++++++++++++++-- 2024/30xxx/CVE-2024-30356.json | 73 ++++++++++++++++++++++++++++++++-- 2024/30xxx/CVE-2024-30357.json | 73 ++++++++++++++++++++++++++++++++-- 2024/30xxx/CVE-2024-30358.json | 73 ++++++++++++++++++++++++++++++++-- 2024/30xxx/CVE-2024-30359.json | 73 ++++++++++++++++++++++++++++++++-- 2024/30xxx/CVE-2024-30360.json | 73 ++++++++++++++++++++++++++++++++-- 2024/30xxx/CVE-2024-30361.json | 73 ++++++++++++++++++++++++++++++++-- 2024/30xxx/CVE-2024-30362.json | 73 ++++++++++++++++++++++++++++++++-- 2024/30xxx/CVE-2024-30363.json | 73 ++++++++++++++++++++++++++++++++-- 2024/30xxx/CVE-2024-30364.json | 73 ++++++++++++++++++++++++++++++++-- 2024/30xxx/CVE-2024-30365.json | 73 ++++++++++++++++++++++++++++++++-- 2024/30xxx/CVE-2024-30367.json | 73 ++++++++++++++++++++++++++++++++-- 2024/30xxx/CVE-2024-30370.json | 73 ++++++++++++++++++++++++++++++++-- 2024/30xxx/CVE-2024-30371.json | 73 ++++++++++++++++++++++++++++++++-- 2024/3xxx/CVE-2024-3239.json | 18 +++++++++ 2024/3xxx/CVE-2024-3240.json | 18 +++++++++ 2024/3xxx/CVE-2024-3241.json | 18 +++++++++ 2024/3xxx/CVE-2024-3242.json | 18 +++++++++ 2024/3xxx/CVE-2024-3243.json | 18 +++++++++ 43 files changed, 2622 insertions(+), 162 deletions(-) create mode 100644 2024/3xxx/CVE-2024-3239.json create mode 100644 2024/3xxx/CVE-2024-3240.json create mode 100644 2024/3xxx/CVE-2024-3241.json create mode 100644 2024/3xxx/CVE-2024-3242.json create mode 100644 2024/3xxx/CVE-2024-3243.json diff --git a/2024/25xxx/CVE-2024-25075.json b/2024/25xxx/CVE-2024-25075.json index 56e8edc90ff..1474dc45f23 100644 --- a/2024/25xxx/CVE-2024-25075.json +++ b/2024/25xxx/CVE-2024-25075.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-25075", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-25075", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in Softing uaToolkit Embedded before 1.41.1. When a subscription with a very low MaxNotificationPerPublish parameter is created, a publish response is mishandled, leading to memory consumption. When that happens often enough, the device will be out of memory, i.e., a denial of service." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://industrial.softing.com/fileadmin/psirt/downloads/2024/syt-2024-2.html", + "url": "https://industrial.softing.com/fileadmin/psirt/downloads/2024/syt-2024-2.html" } ] } diff --git a/2024/27xxx/CVE-2024-27602.json b/2024/27xxx/CVE-2024-27602.json index b9f9bfb5f45..b5d54b6d3f2 100644 --- a/2024/27xxx/CVE-2024-27602.json +++ b/2024/27xxx/CVE-2024-27602.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-27602", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-27602", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Alldata V0.4.6 is vulnerable to Incorrect Access Control. A total of many modules interface documents have been leaked.For example, the /api/system/v2/api-docs module." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://gist.github.com/Raybye/fee21f1a5b3a9ab54359818281478034", + "url": "https://gist.github.com/Raybye/fee21f1a5b3a9ab54359818281478034" } ] } diff --git a/2024/27xxx/CVE-2024-27604.json b/2024/27xxx/CVE-2024-27604.json index 1160c077f73..3ab9ab45045 100644 --- a/2024/27xxx/CVE-2024-27604.json +++ b/2024/27xxx/CVE-2024-27604.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-27604", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-27604", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Alldata V0.4.6 is vulnerable to Command execution vulnerability. System commands can be deserialized." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://gist.github.com/Raybye/b88847e9e9a94a1b1028dbdb7e38c12b", + "url": "https://gist.github.com/Raybye/b88847e9e9a94a1b1028dbdb7e38c12b" } ] } diff --git a/2024/27xxx/CVE-2024-27605.json b/2024/27xxx/CVE-2024-27605.json index 7b64fa3cd5e..34d3b86d29b 100644 --- a/2024/27xxx/CVE-2024-27605.json +++ b/2024/27xxx/CVE-2024-27605.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-27605", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-27605", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Alldata V0.4.6 is vulnerable to Insecure Permissions. Using users (test) can query information about the users in the system." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://gist.github.com/Raybye/f365c89115f80e81d209f2fca9490339", + "url": "https://gist.github.com/Raybye/f365c89115f80e81d209f2fca9490339" } ] } diff --git a/2024/29xxx/CVE-2024-29432.json b/2024/29xxx/CVE-2024-29432.json index e7abb758bee..85ee47b666a 100644 --- a/2024/29xxx/CVE-2024-29432.json +++ b/2024/29xxx/CVE-2024-29432.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-29432", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-29432", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Alldata v0.4.6 was discovered to contain a SQL injection vulnerability via the tablename parameter at /data/masterdata/datas." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/Raybye/alldata-bug/blob/main/alldata.md", + "refsource": "MISC", + "name": "https://github.com/Raybye/alldata-bug/blob/main/alldata.md" + }, + { + "refsource": "MISC", + "name": "https://gist.github.com/Raybye/4b377eb06b5f9c324f090d39a0d25c2b", + "url": "https://gist.github.com/Raybye/4b377eb06b5f9c324f090d39a0d25c2b" } ] } diff --git a/2024/30xxx/CVE-2024-30336.json b/2024/30xxx/CVE-2024-30336.json index 8980eb0e753..fb990d4d11c 100644 --- a/2024/30xxx/CVE-2024-30336.json +++ b/2024/30xxx/CVE-2024-30336.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-30336", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Doc objects in AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22642." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-416: Use After Free", + "cweId": "CWE-416" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2023.2.0.21408" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-303/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-303/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/30xxx/CVE-2024-30337.json b/2024/30xxx/CVE-2024-30337.json index bab7db3891b..36271c716a4 100644 --- a/2024/30xxx/CVE-2024-30337.json +++ b/2024/30xxx/CVE-2024-30337.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-30337", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Acroforms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22704." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-416: Use After Free", + "cweId": "CWE-416" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2023.3.0.23028" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-318/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-318/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/30xxx/CVE-2024-30338.json b/2024/30xxx/CVE-2024-30338.json index 8cd241b7453..ced3426b6ba 100644 --- a/2024/30xxx/CVE-2024-30338.json +++ b/2024/30xxx/CVE-2024-30338.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-30338", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22705." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-416: Use After Free", + "cweId": "CWE-416" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2023.3.0.23028" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-319/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-319/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/30xxx/CVE-2024-30339.json b/2024/30xxx/CVE-2024-30339.json index 1b9d7fdc10f..6ba5e98cc31 100644 --- a/2024/30xxx/CVE-2024-30339.json +++ b/2024/30xxx/CVE-2024-30339.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-30339", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Acroforms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22706." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-416: Use After Free", + "cweId": "CWE-416" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2023.3.0.23028" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-317/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-317/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/30xxx/CVE-2024-30340.json b/2024/30xxx/CVE-2024-30340.json index 777c4015e8a..370d256d80c 100644 --- a/2024/30xxx/CVE-2024-30340.json +++ b/2024/30xxx/CVE-2024-30340.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-30340", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader Annotation Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Annotation objects. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-22707." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-125: Out-of-bounds Read", + "cweId": "CWE-125" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2023.3.0.23028" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-321/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-321/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "baseScore": 3.3, + "baseSeverity": "LOW" } ] } diff --git a/2024/30xxx/CVE-2024-30341.json b/2024/30xxx/CVE-2024-30341.json index 22ded880b88..0234a8b24d4 100644 --- a/2024/30xxx/CVE-2024-30341.json +++ b/2024/30xxx/CVE-2024-30341.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-30341", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader Doc Object Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Doc objects. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22709." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-125: Out-of-bounds Read", + "cweId": "CWE-125" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2023.3.0.23028" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-315/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-315/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/30xxx/CVE-2024-30342.json b/2024/30xxx/CVE-2024-30342.json index 830057b8cfe..ce5bc757c49 100644 --- a/2024/30xxx/CVE-2024-30342.json +++ b/2024/30xxx/CVE-2024-30342.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-30342", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22720." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-416: Use After Free", + "cweId": "CWE-416" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2023.3.0.23028" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-322/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-322/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/30xxx/CVE-2024-30343.json b/2024/30xxx/CVE-2024-30343.json index f7bede20137..6d2db651188 100644 --- a/2024/30xxx/CVE-2024-30343.json +++ b/2024/30xxx/CVE-2024-30343.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-30343", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22721." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-416: Use After Free", + "cweId": "CWE-416" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2023.3.0.23028" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-316/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-316/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/30xxx/CVE-2024-30344.json b/2024/30xxx/CVE-2024-30344.json index f8e4a7355bf..6bda1f0f88f 100644 --- a/2024/30xxx/CVE-2024-30344.json +++ b/2024/30xxx/CVE-2024-30344.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-30344", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Acroforms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22733." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-416: Use After Free", + "cweId": "CWE-416" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2023.3.0.23028" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-320/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-320/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/30xxx/CVE-2024-30345.json b/2024/30xxx/CVE-2024-30345.json index dde6e3ce8c3..3b31d11ac21 100644 --- a/2024/30xxx/CVE-2024-30345.json +++ b/2024/30xxx/CVE-2024-30345.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-30345", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Doc objects in AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22742." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-416: Use After Free", + "cweId": "CWE-416" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2023.3.0.23028" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-323/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-323/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/30xxx/CVE-2024-30346.json b/2024/30xxx/CVE-2024-30346.json index 4fb8c0198cf..66167fee216 100644 --- a/2024/30xxx/CVE-2024-30346.json +++ b/2024/30xxx/CVE-2024-30346.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-30346", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Doc objects in AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22745." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-416: Use After Free", + "cweId": "CWE-416" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2023.3.0.23028" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-324/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-324/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/30xxx/CVE-2024-30347.json b/2024/30xxx/CVE-2024-30347.json index 01baae4ecf6..2687438b061 100644 --- a/2024/30xxx/CVE-2024-30347.json +++ b/2024/30xxx/CVE-2024-30347.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-30347", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-22910." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-125: Out-of-bounds Read", + "cweId": "CWE-125" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2023.3.0.23028" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-327/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-327/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Mat Powell of Trend Micro Zero Day Initiative" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "baseScore": 3.3, + "baseSeverity": "LOW" } ] } diff --git a/2024/30xxx/CVE-2024-30348.json b/2024/30xxx/CVE-2024-30348.json index 7a0e7a571df..d57524b9233 100644 --- a/2024/30xxx/CVE-2024-30348.json +++ b/2024/30xxx/CVE-2024-30348.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-30348", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22911." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-787: Out-of-bounds Write", + "cweId": "CWE-787" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2023.3.0.23028" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-326/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-326/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Mat Powell of Trend Micro Zero Day Initiative" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/30xxx/CVE-2024-30349.json b/2024/30xxx/CVE-2024-30349.json index 03681e236e8..ed9bb6d3e64 100644 --- a/2024/30xxx/CVE-2024-30349.json +++ b/2024/30xxx/CVE-2024-30349.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-30349", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22912." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-787: Out-of-bounds Write", + "cweId": "CWE-787" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2023.3.0.23028" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-325/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-325/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Mat Powell of Trend Micro Zero Day Initiative" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/30xxx/CVE-2024-30350.json b/2024/30xxx/CVE-2024-30350.json index 2ff7e1ca192..d7acbc60cc1 100644 --- a/2024/30xxx/CVE-2024-30350.json +++ b/2024/30xxx/CVE-2024-30350.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-30350", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader Annotation Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Annotation objects. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-22708." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-125: Out-of-bounds Read", + "cweId": "CWE-125" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2023.3.0.23028" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-333/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-333/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "baseScore": 3.3, + "baseSeverity": "LOW" } ] } diff --git a/2024/30xxx/CVE-2024-30351.json b/2024/30xxx/CVE-2024-30351.json index 78235afeab2..95eb95a4ad3 100644 --- a/2024/30xxx/CVE-2024-30351.json +++ b/2024/30xxx/CVE-2024-30351.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-30351", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Doc objects in AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22799." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-416: Use After Free", + "cweId": "CWE-416" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2023.3.0.23028" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-328/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-328/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/30xxx/CVE-2024-30352.json b/2024/30xxx/CVE-2024-30352.json index c034a3be3de..bbeca83c47a 100644 --- a/2024/30xxx/CVE-2024-30352.json +++ b/2024/30xxx/CVE-2024-30352.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-30352", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22800." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-416: Use After Free", + "cweId": "CWE-416" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2023.3.0.23028" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-335/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-335/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/30xxx/CVE-2024-30353.json b/2024/30xxx/CVE-2024-30353.json index ca299115b4b..08e158808af 100644 --- a/2024/30xxx/CVE-2024-30353.json +++ b/2024/30xxx/CVE-2024-30353.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-30353", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader AcroForm Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Doc objects in AcroForms. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22807." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-125: Out-of-bounds Read", + "cweId": "CWE-125" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2023.3.0.23028" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-334/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-334/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/30xxx/CVE-2024-30354.json b/2024/30xxx/CVE-2024-30354.json index 259c4da26a6..61a8ed88ab0 100644 --- a/2024/30xxx/CVE-2024-30354.json +++ b/2024/30xxx/CVE-2024-30354.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-30354", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Doc objects in AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22808." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-416: Use After Free", + "cweId": "CWE-416" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2023.3.0.23028" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-332/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-332/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/30xxx/CVE-2024-30355.json b/2024/30xxx/CVE-2024-30355.json index b8ea3e94a34..a68627f4360 100644 --- a/2024/30xxx/CVE-2024-30355.json +++ b/2024/30xxx/CVE-2024-30355.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-30355", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader AcroForm Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Doc objects in AcroForms. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22809." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-787: Out-of-bounds Write", + "cweId": "CWE-787" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2023.3.0.23028" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-337/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-337/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/30xxx/CVE-2024-30356.json b/2024/30xxx/CVE-2024-30356.json index 896964655d8..3a8cb1bf111 100644 --- a/2024/30xxx/CVE-2024-30356.json +++ b/2024/30xxx/CVE-2024-30356.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-30356", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Doc objects in AcroForms. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-22811." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-125: Out-of-bounds Read", + "cweId": "CWE-125" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2023.3.0.23028" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-336/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-336/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "baseScore": 3.3, + "baseSeverity": "LOW" } ] } diff --git a/2024/30xxx/CVE-2024-30357.json b/2024/30xxx/CVE-2024-30357.json index 264ffb87d8f..7dac610f2f7 100644 --- a/2024/30xxx/CVE-2024-30357.json +++ b/2024/30xxx/CVE-2024-30357.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-30357", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader AcroForm Annotation Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Annotation objects in AcroForms. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22818." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-843: Access of Resource Using Incompatible Type ('Type Confusion')", + "cweId": "CWE-843" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2023.3.0.23028" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-331/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-331/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/30xxx/CVE-2024-30358.json b/2024/30xxx/CVE-2024-30358.json index df377f41982..89b219aa7ca 100644 --- a/2024/30xxx/CVE-2024-30358.json +++ b/2024/30xxx/CVE-2024-30358.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-30358", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader AcroForm User-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22821." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-416: Use After Free", + "cweId": "CWE-416" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2023.3.0.23028" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-330/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-330/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/30xxx/CVE-2024-30359.json b/2024/30xxx/CVE-2024-30359.json index d48e0b8fc2d..1f3ec922261 100644 --- a/2024/30xxx/CVE-2024-30359.json +++ b/2024/30xxx/CVE-2024-30359.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-30359", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader AcroForm 3D Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of 3D objects in AcroForms. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22888." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-125: Out-of-bounds Read", + "cweId": "CWE-125" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2023.3.0.23028" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-329/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-329/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/30xxx/CVE-2024-30360.json b/2024/30xxx/CVE-2024-30360.json index d4c0236f632..a78247658e4 100644 --- a/2024/30xxx/CVE-2024-30360.json +++ b/2024/30xxx/CVE-2024-30360.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-30360", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22797." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-416: Use After Free", + "cweId": "CWE-416" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2023.3.0.23028" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-340/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-340/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/30xxx/CVE-2024-30361.json b/2024/30xxx/CVE-2024-30361.json index 73b1b963ce0..341395486d1 100644 --- a/2024/30xxx/CVE-2024-30361.json +++ b/2024/30xxx/CVE-2024-30361.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-30361", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22877." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-416: Use After Free", + "cweId": "CWE-416" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2023.3.0.23028" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-338/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-338/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/30xxx/CVE-2024-30362.json b/2024/30xxx/CVE-2024-30362.json index ce344e91325..126e58e04ca 100644 --- a/2024/30xxx/CVE-2024-30362.json +++ b/2024/30xxx/CVE-2024-30362.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-30362", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader PDF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PDF files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22798." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-416: Use After Free", + "cweId": "CWE-416" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2023.3.0.23028" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-339/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-339/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/30xxx/CVE-2024-30363.json b/2024/30xxx/CVE-2024-30363.json index a846af3f276..40b67069a2d 100644 --- a/2024/30xxx/CVE-2024-30363.json +++ b/2024/30xxx/CVE-2024-30363.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-30363", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-23008." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-125: Out-of-bounds Read", + "cweId": "CWE-125" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2023.3.0.23028" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-342/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-342/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Mat Powell of Trend Micro Zero Day Initiative" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "baseScore": 3.3, + "baseSeverity": "LOW" } ] } diff --git a/2024/30xxx/CVE-2024-30364.json b/2024/30xxx/CVE-2024-30364.json index b475132464f..55a675e51b1 100644 --- a/2024/30xxx/CVE-2024-30364.json +++ b/2024/30xxx/CVE-2024-30364.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-30364", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-23009." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-125: Out-of-bounds Read", + "cweId": "CWE-125" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2023.3.0.23028" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-341/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-341/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Mat Powell of Trend Micro Zero Day Initiative" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "baseScore": 3.3, + "baseSeverity": "LOW" } ] } diff --git a/2024/30xxx/CVE-2024-30365.json b/2024/30xxx/CVE-2024-30365.json index 8fbe6868216..adcf461dfd0 100644 --- a/2024/30xxx/CVE-2024-30365.json +++ b/2024/30xxx/CVE-2024-30365.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-30365", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22947." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-416: Use After Free", + "cweId": "CWE-416" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2023.3.0.23028" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-343/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-343/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/30xxx/CVE-2024-30367.json b/2024/30xxx/CVE-2024-30367.json index 44e882eb210..1939461ce10 100644 --- a/2024/30xxx/CVE-2024-30367.json +++ b/2024/30xxx/CVE-2024-30367.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-30367", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23013." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-416: Use After Free", + "cweId": "CWE-416" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2023.3.0.23028" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-345/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-345/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/30xxx/CVE-2024-30370.json b/2024/30xxx/CVE-2024-30370.json index dbd17f0de04..22d023db8a7 100644 --- a/2024/30xxx/CVE-2024-30370.json +++ b/2024/30xxx/CVE-2024-30370.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-30370", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "RARLAB WinRAR Mark-Of-The-Web Bypass Vulnerability. This vulnerability allows remote attackers to bypass the Mark-Of-The-Web protection mechanism on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in that the target must perform a specific action on a malicious page.\n\nThe specific flaw exists within the archive extraction functionality. A crafted archive entry can cause the creation of an arbitrary file without the Mark-Of-The-Web. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current user. Was ZDI-CAN-23156." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-693: Protection Mechanism Failure", + "cweId": "CWE-693" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "RARLAB", + "product": { + "product_data": [ + { + "product_name": "WinRAR", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "7.00 beta 4 (64-bit)" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-357/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-357/" + }, + { + "url": "https://www.rarlab.com/rarnew.htm#27.%20Busgs%20fixed", + "refsource": "MISC", + "name": "https://www.rarlab.com/rarnew.htm#27.%20Busgs%20fixed" + } + ] + }, + "source": { + "lang": "en", + "value": "Orange Tsai(@orange.8361) and NiNi (@terrynini38514) from DEVCORE Research Team" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" } ] } diff --git a/2024/30xxx/CVE-2024-30371.json b/2024/30xxx/CVE-2024-30371.json index 9bcd9be7c37..af9b74a014c 100644 --- a/2024/30xxx/CVE-2024-30371.json +++ b/2024/30xxx/CVE-2024-30371.json @@ -1,17 +1,82 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-30371", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23355." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-416: Use After Free", + "cweId": "CWE-416" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Foxit", + "product": { + "product_data": [ + { + "product_name": "PDF Reader", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2023.3.0.23028" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-346/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-24-346/" + }, + { + "url": "https://www.foxit.com/support/security-bulletins.html", + "refsource": "MISC", + "name": "https://www.foxit.com/support/security-bulletins.html" + } + ] + }, + "source": { + "lang": "en", + "value": "Anonymous" + }, + "impact": { + "cvss": [ + { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/3xxx/CVE-2024-3239.json b/2024/3xxx/CVE-2024-3239.json new file mode 100644 index 00000000000..59b4f779d74 --- /dev/null +++ b/2024/3xxx/CVE-2024-3239.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-3239", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/3xxx/CVE-2024-3240.json b/2024/3xxx/CVE-2024-3240.json new file mode 100644 index 00000000000..3245130b3fc --- /dev/null +++ b/2024/3xxx/CVE-2024-3240.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-3240", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/3xxx/CVE-2024-3241.json b/2024/3xxx/CVE-2024-3241.json new file mode 100644 index 00000000000..26da5384382 --- /dev/null +++ b/2024/3xxx/CVE-2024-3241.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-3241", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/3xxx/CVE-2024-3242.json b/2024/3xxx/CVE-2024-3242.json new file mode 100644 index 00000000000..26a84c8ea8d --- /dev/null +++ b/2024/3xxx/CVE-2024-3242.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-3242", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/3xxx/CVE-2024-3243.json b/2024/3xxx/CVE-2024-3243.json new file mode 100644 index 00000000000..ba824164356 --- /dev/null +++ b/2024/3xxx/CVE-2024-3243.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-3243", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file