This vulnerability allows remote attackers to disclose sensitive information on affected installations of Tencent WeChat. User interaction is required to exploit this vulnerability: the target must visit a malicious page or open a malicious file. The specific flaw exists within the WXAM decoder. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer (an out-of-bounds read). By itself the flaw is an information disclosure; an attacker can leverage it in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Note that the record below lists no CVE identifier and gives a CVSS score of 0.0 with vector "NONE", which most likely means the entry was never scored rather than that it was rated zero severity.
{"id": "ZDI-21-1450", "vendorId": null, "type": "zdi", "bulletinFamily": "info", "title": "Tencent WeChat WXAM Decoder Out-Of-Bounds Read Information Disclosure Vulnerability", "description": "This vulnerability allows remote attackers to disclose sensitive information on affected installations of Tencent WeChat. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the WXAM decoder. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process.", "published": "2021-12-07T00:00:00", "modified": "2021-12-07T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://www.zerodayinitiative.com/advisories/ZDI-21-1450/", "reporter": "Lucas Leong (@_wmliang_) of Trend Micro Zero Day Initiative", "references": [], "cvelist": [], "immutableFields": [], "lastseen": "2022-02-10T00:00:00", "viewCount": 3, "enchantments": {"dependencies": {}, "score": {"value": 1.7, "vector": "NONE"}, "backreferences": {}, "exploitation": null, "vulnersScore": 1.7}, "_state": {"dependencies": 1646189032, "score": 1659852189, "epss": 1679165106}, "_internal": {"score_hash": "98bc440e7405171cee4674f00bf74790"}}