CVE-2024-44083

ida64.dll in Hex-Rays IDA Pro through 8.4 crashes when there is a section that has many jumps linked, and the final jump corresponds to the payload from where the actual entry point will be invoked. NOTE: in many use cases, this is an inconvenience but not a security issue.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:hex-rays:ida_pro:*:*:*:*:*:*:*:*

History

28 Aug 2024, 15:15

Type Values Removed Values Added
References
  • () https://github.com/Azvanzed/CVE-2024-44083/ -

21 Aug 2024, 12:35

Type Values Removed Values Added
References () https://github.com/Azvanzed/IdaMeme - () https://github.com/Azvanzed/IdaMeme - Exploit, Third Party Advisory
CPE cpe:2.3:a:hex-rays:ida_pro:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : 9.8
v2 : unknown
v3 : 7.5
CWE CWE-770
First Time Hex-rays
Hex-rays ida Pro

19 Aug 2024, 16:35

Type Values Removed Values Added
CWE CWE-400
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 9.8

19 Aug 2024, 12:59

Type Values Removed Values Added
Summary
  • (es) ida64.dll en Hex-Rays IDA Pro hasta 8.4 falla cuando hay una sección que tiene muchos saltos vinculados, y el salto final corresponde al payload desde donde se invocará el punto de entrada real. NOTA: en muchos casos de uso, esto es un inconveniente pero no un problema de seguridad.

19 Aug 2024, 04:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-08-19 04:15

Updated : 2024-08-28 15:15


NVD link : CVE-2024-44083

Mitre link : CVE-2024-44083

CVE.ORG link : CVE-2024-44083


JSON object : View

Products Affected

hex-rays

  • ida_pro
CWE
CWE-770

Allocation of Resources Without Limits or Throttling

CWE-400

Uncontrolled Resource Consumption