CVE-2024-12354: SourceCodester Phone Contact Manager System User Menu MenuDisplayStart buffer overflow

4.8 CVSS

Description

A vulnerability, which was classified as critical, was found in SourceCodester Phone Contact Manager System 1.0. Affected is the function UserInterface::MenuDisplayStart of the component User Menu. The manipulation leads to buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. Es wurde eine Schwachstelle in SourceCodester Phone Contact Manager System 1.0 gefunden. Sie wurde als kritisch eingestuft. Betroffen hiervon ist die Funktion UserInterface::MenuDisplayStart der Komponente User Menu. Durch das Beeinflussen mit unbekannten Daten kann eine buffer overflow-Schwachstelle ausgenutzt werden. Der Angriff hat dabei lokal zu erfolgen. Der Exploit steht zur öffentlichen Verfügung.

Classification

CVE ID: CVE-2024-12354

CVSS Base Severity: MEDIUM

CVSS Base Score: 4.8

Affected Products

Vendor: SourceCodester

Product: Phone Contact Manager System

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.06% (probability of being exploited)

EPSS Percentile: 27.74% (scored less or equal to compared to others)

EPSS Date: 2025-02-03 (when was this score calculated)

References

https://vuldb.com/?id.287274
https://vuldb.com/?ctiid.287274
https://vuldb.com/?submit.457477
https://github.com/jasontimwong/CVE/issues/2
https://www.sourcecodester.com/

Timeline

2024-12-10 00:31:08 UTC
CVE

SourceCodester Phone Contact Manager System User Menu MenuDisplayStart buffer overflow