2024-11-25
This article describes a critical vulnerability (CVE-2024-9735) in Tungsten Automation Power PDF that allows remote attackers to execute arbitrary code on affected systems.
Vulnerability :
Platform: Tungsten Automation Power PDF
Version: Not specified
Vulnerability: JPF File Parsing Out-Of-Bounds Write Remote Code Execution
Severity: Critical
Date: November 22, 2024 (NVD Published Date)
What Undercode Says:
This vulnerability is critical because it allows attackers to take complete control of affected systems. Users of Tungsten Automation Power PDF should update to the latest version as soon as possible or apply any available patches to mitigate this risk.
Additional Notes:
User interaction is required to exploit this vulnerability (e.g., opening a malicious file).
The vulnerability exists due to a lack of proper validation of user-supplied data during JPF file parsing.
This information is based on the CVE details from the National Vulnerability Database (NVD).
References:
Reported By: Nvd.nist.gov
Undercode AI: https://ai.undercodetesting.com
Image Source:
OpenAI: https://openai.com
Undercode AI DI v2: https://ai.undercode.help