Vulnerability Description
SDoP versions prior to 1.11 fails to handle appropriately some parameters inside the input data, resulting in a stack-based buffer overflow vulnerability. When a user of the affected product is tricked to process a specially crafted XML file, arbitrary code may be executed on the user's environment.
CVSS Score
HIGH
Related Weaknesses (CWE)
References
- https://github.com/PhilipHazel/SDoP
- https://github.com/PhilipHazel/SDoP/commit/ff83d851b4b39ff2fd37ab2ab14365649515b
- https://jvn.jp/en/jp/JVN16420523/
- https://github.com/PhilipHazel/SDoP
- https://github.com/PhilipHazel/SDoP/commit/ff83d851b4b39ff2fd37ab2ab14365649515b
- https://jvn.jp/en/jp/JVN16420523/
FAQ
What is CVE-2024-41881?
CVE-2024-41881 is a vulnerability with a CVSS score of 8.8 (HIGH). SDoP versions prior to 1.11 fails to handle appropriately some parameters inside the input data, resulting in a stack-based buffer overflow vulnerability. When a user of the affected product is tricke...
How severe is CVE-2024-41881?
CVE-2024-41881 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-41881?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.