2024-11-26
This article describes a vulnerability (CVE-2024-9753) in Tungsten Automation Power PDF that allows remote attackers to disclose sensitive information on affected systems.
Vulnerability :
Platform: Tungsten Automation Power PDF
Version: Not specified
Vulnerability: Out-of-Bounds Read Information Disclosure
Severity: Not officially rated (CVSS information not yet available)
Date: November 22, 2024 (Published by NVD)
Details:
The vulnerability exists due to improper validation of user-supplied data during PDF file parsing. This can lead to attackers reading sensitive information beyond the intended memory allocation. An attacker might exploit this vulnerability in conjunction with other vulnerabilities to execute malicious code.
What Undercode Says:
This vulnerability can be serious if exploited. Users of Tungsten Automation Power PDF should update to the latest version as soon as a patch becomes available.
References:
Reported By: Nvd.nist.gov
Undercode AI: https://ai.undercodetesting.com
Image Source:
OpenAI: https://openai.com
Undercode AI DI v2: https://ai.undercode.help