Buffer Overflow Vulnerability in Sony XAV-AX5500 Device
CVE-2024-23934
Currently unrated
What is CVE-2024-23934?
The Sony XAV-AX5500 is susceptible to a stack-based buffer overflow vulnerability due to flaws in the parsing of WMV/ASF files. This security issue allows remote attackers, by crafting a malicious WMV media file with a specially designed Extended Content Description Object, to exploit the overflow of a fixed-length stack-based buffer. Users must engage with the malicious content, either by visiting a malicious page or opening a harmful file, for the attack to be successful. This vulnerability could potentially enable the execution of arbitrary code within the context of the device, posing a significant risk to user security.