Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional (Routing Service, Recording Service, Queuing Service, Observability Collector Service, Cloud Discovery Service) allows Buffer Overflow via Environment Variables.This issue affects Connext Professional: from 7.0.0 before 7.3.0.5, from 6.1.0 before 6.1.2.21, from 6.0.0 before 6.0.*, from 5.3.0 before 5.3.1.45.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.rti.com/vulnerabilities/#cve-2024-52060 |
History
Mon, 23 Dec 2024 20:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Fri, 13 Dec 2024 10:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional (Routing Service, Recording Service, Queuing Service, Observability Collector Service, Cloud Discovery Service) allows Buffer Overflow via Environment Variables.This issue affects Connext Professional: from 7.0.0 before 7.3.0.5, from 6.1.0 before 6.1.2.21, from 6.0.0 before 6.0.*, from 5.3.0 before 5.3.1.45. | |
Title | Potential stack overflow when using XML configuration file referencing environment variables | |
Weaknesses | CWE-120 | |
References |
| |
Metrics |
cvssV4_0
|
MITRE
Status: PUBLISHED
Assigner: RTI
Published: 2024-12-13T10:19:22.641Z
Updated: 2024-12-23T20:06:08.452Z
Reserved: 2024-11-05T19:04:16.675Z
Link: CVE-2024-52060
Vulnrichment
Updated: 2024-12-23T20:06:02.934Z
NVD
Status : Received
Published: 2024-12-13T11:15:08.250
Modified: 2024-12-13T11:15:08.250
Link: CVE-2024-52060
Redhat
No data.