Buffer overflow in OllyDbg

Posted date 20/11/2024

Identificador

INCIBE-2024-0573

Importance

4 - High

Affected Resources

OllyDbg.exe, 1.10 version.

Description

INCIBE has coordinated the publication of a high severity vulnerability affecting OllyDbg version 1.10, a debugging tool used to analyse binary code, which has been discovered by Rafael Pedrero.

This vulnerability has been assigned the following code, CVSS v3.1 base score, CVSS vector and vulnerability type CWE:

CVE-2024-11495: CVSS v3.1: 7.5 | CVSS AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H | CWE-119.

Solution

There is no reported solution at the moment. The development of the tool is currently stalled.

Detail

CVE-2024-11495: buffer overflow vulnerability in OllyDbg, version 1.10, which could allow a local attacker to execute arbitrary code due to lack of proper bounds checking.

References list

Product website

Etiquetas

0day
Cybersecurity
CNA
Development
Vulnerability