A vulnerability, which was classified as critical, was found in SourceCodester Phone Contact Manager System 1.0. Affected is the function UserInterface::MenuDisplayStart of the component User Menu. The manipulation leads to buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.
History

Wed, 11 Dec 2024 00:00:00 +0000

Type Values Removed Values Added
First Time appeared Razormist
Razormist phone Contact Manager System
Weaknesses CWE-787
CPEs cpe:2.3:a:razormist:phone_contact_manager_system:1.0:*:*:*:*:*:*:*
Vendors & Products Razormist
Razormist phone Contact Manager System

Mon, 09 Dec 2024 21:15:00 +0000

Type Values Removed Values Added
First Time appeared Sourcecodester
Sourcecodester phone Shop Sales Managements System Using Php With Source Code
CPEs cpe:2.3:a:sourcecodester:phone_shop_sales_managements_system_using_php_with_source_code:1.0:*:*:*:*:*:*:*
Vendors & Products Sourcecodester
Sourcecodester phone Shop Sales Managements System Using Php With Source Code
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 09 Dec 2024 02:15:00 +0000

Type Values Removed Values Added
Description A vulnerability, which was classified as critical, was found in SourceCodester Phone Contact Manager System 1.0. Affected is the function UserInterface::MenuDisplayStart of the component User Menu. The manipulation leads to buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.
Title SourceCodester Phone Contact Manager System User Menu MenuDisplayStart buffer overflow
Weaknesses CWE-119
CWE-120
References
Metrics cvssV2_0

{'score': 4.3, 'vector': 'AV:L/AC:L/Au:S/C:P/I:P/A:P'}

cvssV3_0

{'score': 5.3, 'vector': 'CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L'}

cvssV3_1

{'score': 5.3, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L'}

cvssV4_0

{'score': 4.8, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2024-12-09T01:31:05.768Z

Updated: 2024-12-09T20:12:30.989Z

Reserved: 2024-12-08T17:08:42.498Z

Link: CVE-2024-12354

cve-icon Vulnrichment

Updated: 2024-12-09T20:12:25.014Z

cve-icon NVD

Status : Analyzed

Published: 2024-12-09T02:15:19.120

Modified: 2024-12-10T23:36:25.740

Link: CVE-2024-12354

cve-icon Redhat

No data.