CVE-2024-3187

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-3187
This issue tracks two CWE-416 Use After Free (UAF) and one CWE-415 Double Free vulnerabilities in Goahead versions <= 6.0.0. These are caused by JST values not being nulled when freed during parsing of JST templates. If the ME_GOAHEAD_JAVASCRIPT flag is enabled, a remote attacker with the privileges to modify JavaScript template (JST) files could exploit this by providing malicious templates. This may lead to memory corruption, potentially causing a Denial of Service (DoS) or, in rare cases, code execution, though the latter is highly context-dependent.

5.9 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.6 / Impact : 4.2

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-3187
Configurations

No configuration.

History

18 Oct 2024, 12:52

Type Values Removed Values Added
Summary
  • (es) Este problema se debe a dos vulnerabilidades CWE-416 de Use After Free (UAF) y una vulnerabilidad CWE-415 de doble liberación en las versiones de Goahead anteriores a la 6.0.0. Estas vulnerabilidades se deben a que los valores JST no se anulan cuando se liberan durante el análisis de las plantillas JST. Si la bandera ME_GOAHEAD_JAVASCRIPT está habilitada, un atacante remoto con privilegios para modificar archivos de plantillas de JavaScript (JST) podría aprovechar esto proporcionando plantillas maliciosas. Esto puede provocar una corrupción de la memoria, lo que puede provocar una denegación de servicio (DoS) o, en casos excepcionales, la ejecución de código, aunque esto último depende en gran medida del contexto.

17 Oct 2024, 08:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-10-17 08:15

Updated : 2024-10-18 12:52

NVD link : CVE-2024-3187

Mitre link : CVE-2024-3187

CVE.ORG link : CVE-2024-3187

JSON object : View

Products Affected

No product.

CWE
CWE-415

Double Free

CWE-416

Use After Free


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024