CVE-2024-7886

16 Ago 2024

Jose Alexis Correa Valencia
0 Comentarios

Título es

CVE-2024-7886

Vie, 16/08/2024 – 22:15

Tipo

CWE-427

Gravedad v2.0

6.80

Gravedad 2.0 Txt

MEDIUM

Título en

CVE-2024-7886

Descripción en

** DISPUTED ** A vulnerability has been found in Scooter Software Beyond Compare up to 3.3.5.15075 and classified as critical. Affected by this vulnerability is an unknown functionality in the library 7zxa.dll. The manipulation leads to uncontrolled search path. Attacking locally is a requirement. The real existence of this vulnerability is still doubted at the moment. NOTE: The vendor explains that a system must be breached before exploiting this issue.

17/08/2024

Vector CVSS:3.1

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Vector CVSS:2.0

AV:L/AC:L/Au:S/C:C/I:C/A:C

Gravedad 3.1 (CVSS 3.1 Base Score)

7.80

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

HIGH

Referencias

https://vuldb.com/?ctiid_274873=

https://vuldb.com/?id_274873=

https://vuldb.com/?submit_383468=

Enviar en el boletín

Off

CVE-2024-7886

CVE-2024-7886

Jose Alexis Correa Valencia