Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional on non-Windows (Persistence Service) allows Buffer Overflow via Environment Variables
CVE-2024-52065

6.9MEDIUM

Key Information:

Vendor: Rti
Status: Connext Professional
Vendor: CVE Published:; 13 December 2024

What is CVE-2024-52065?

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional on non-Windows (Persistence Service) allows Buffer Overflow via Environment Variables.This issue affects Connext Professional: from 7.0.0 before 7.3.0.2, from 6.1.1.2 before 6.1.2.21, from 5.3.1.40 before 5.3.1.41.

Affected Version(s)

Connext Professional non-Windows 7.0.0 < 7.3.0.2

Connext Professional non-Windows 6.1.1.2 < 6.1.2.21

Connext Professional non-Windows 5.3.1.40 < 5.3.1.41

References

https://www.rti.com/vulnerabilities/#cve-2024-52065

CVSS V4

Score:

6.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Timeline

Vulnerability published
Dec 13, 2024
Vulnerability Reserved
Nov 5, 2024

Rti

What is CVE-2024-52065?

Affected Version(s)

References

CVSS V4

Timeline