CVE-2024-23617

CWE-119Buffer OverflowCWE-120Classic Buffer Overflow3 documents3 sources
Severity
8.8HIGH
EPSS
2.4%
top 15.03%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Symantec Data Loss PreventionBroadcom Symantec Data Center Security Server
Timeline
PublishedJan 26

Description

A buffer overflow vulnerability exists in Symantec Data Loss Prevention version 14.0.2 and before. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a crafted document to achieve code execution.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:HExploitability: 2.8 | Impact: 6.0

Affected Packages2 packages

CVEListV5symantec/data_loss_prevention12.014.0.2

🔴Vulnerability Details

2
GHSA
GHSA-c2h4-p5j3-jcgh: A buffer overflow vulnerability exists in Symantec Data Loss Prevention version 142024-01-26
CVEList
Symantec Data Loss Prevention Buffer Overflow2024-01-25
CVE-2024-23617 (HIGH CVSS 8.8) | A buffer overflow vulnerability exi | cvebase.io