Critical Buffer Overflow Vulnerability in Phone Contact Manager System 1.0

CVE-2024-12354

7.8HIGH

Key Information

Vendor: Sourcecodester
Status: Phone Contact Manager System
Vendor: CVE Published:; 9 December 2024

Summary

A vulnerability, which was classified as critical, was found in SourceCodester Phone Contact Manager System 1.0. Affected is the function UserInterface::MenuDisplayStart of the component User Menu. The manipulation leads to buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.

Affected Version(s)

Phone Contact Manager System = 1.0

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Risk change from: null to: 5.3 - (MEDIUM)
Dec 9, 2024
Vulnerability published.
Dec 9, 2024
VulDB entry last update
Dec 8, 2024
Vulnerability Reserved.
Dec 8, 2024
VulDB entry created
Dec 8, 2024
Advisory disclosed
Dec 8, 2024

Collectors

NVD DatabaseMitre Database

Credit

Jason huibin wong (VulDB User)