CVE-2024-0581

Published: Jan 16, 2024Modified: Nov 21, 2024

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

An Uncontrolled Resource Consumption vulnerability has been found on Sandsprite Scdbg.exe, affecting version 1.0. This vulnerability allows an attacker to send a specially crafted shellcode payload to the '/foff' parameter and cause an application shutdown. A malware program could use this shellcode sequence to shut down the application and evade the scan.

Affected (1)

Products: Sandsprite: Scdbg

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Sandsprite Scdbg	Version 1.0

Related CWEs

Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

References (2)

https://www.incibe.es/en/incibe-cert/notices/aviso/uncontrolled-resource-consumption-vulnerability-sandsprite-scdbg

Source: cve-coordination@incibe.es

Third Party Advisory

https://www.incibe.es/en/incibe-cert/notices/aviso/uncontrolled-resource-consumption-vulnerability-sandsprite-scdbg

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.