Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2023-24949

Published: 09/05/2023 Updated: 15/05/2023
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 0
Subscribe to Windows Server 2019

Vulnerability Summary

This vulnerability allows remote malicious users to create a denial-of-service condition on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of relocation tables in PE files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow when performing a bounds check before reading from memory. An attacker can leverage this vulnerability to create a persistent denial-of-service condition on the system.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft windows server 2019 -

microsoft windows server 2022 -

microsoft windows 11 22h2

microsoft windows 10 1809

microsoft windows 10 20h2

microsoft windows 11 21h2

microsoft windows 10 21h2

microsoft windows 10 22h2

References

NVD-CWE-noinfohttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24949https://nvd.nist.govhttps://www.zerodayinitiative.com/advisories/ZDI-23-573/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionSSRFbuffer overflowCVE-2023-28952CVE-2023-41822CVE-2024-27956CVE-2023-7028CVE-2024-34447CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook