Lucene search

Ubuntu.comUB:CVE-2024-24149

HistoryFeb 29, 2024 - 12:00 a.m.

CVE-2024-24149

2024-02-2900:00:00

ubuntu.com

memory leak

libming

denial of service

swf file

unix

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

AI Score

Confidence

High

EPSS

0.001

Percentile

17.0%

JSON

A memory leak issue discovered in parseSWF_GLYPHENTRY in libming v0.4.8
allows attackers to cause a denial of service via a crafted SWF file.

OSVersionArchitecturePackageVersionFilename
ubuntu16.04noarchming< anyUNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	16.04	noarch	ming	< any	UNKNOWN

References

github.com/libming/libming/issues/310

launchpad.net/bugs/cve/CVE-2024-24149

nvd.nist.gov/vuln/detail/CVE-2024-24149

security-tracker.debian.org/tracker/CVE-2024-24149

www.cve.org/CVERecord?id=CVE-2024-24149

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

AI Score

Confidence

High

EPSS

0.001

Percentile

17.0%

JSON

Related for UB:CVE-2024-24149