Bug 2296855 (CVE-2024-39684) - CVE-2024-39684 rapidjson: pivilege escalation via integer overflow in GenericReader::ParseNumber()
Summary: CVE-2024-39684 rapidjson: pivilege escalation via integer overflow in Generic...
Keywords:
Status: NEW
Alias: CVE-2024-39684
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Product Security DevOps Team
QA Contact:
URL:
Whiteboard:
Depends On: 2296959 2296960 2296961 2296962 2296963 2296966 2296967 2296958 2296964 2296965 2296968 2296969
Blocks:
TreeView+ depends on / blocked
 
Reported: 2024-07-09 19:21 UTC by OSIDB Bzimport
Modified: 2024-07-10 14:04 UTC (History)
10 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in the RapidJSON package. This flaw allows a local attacker to trigger an integer overflow via a specially crafted file, possibly leading to the escalation of privileges.
Clone Of:
Environment:
Last Closed:
Embargoed:


Attachments (Terms of Use)

Description OSIDB Bzimport 2024-07-09 19:21:48 UTC
Tencent RapidJSON is vulnerable to privilege escalation due to an integer overflow in the `GenericReader::ParseNumber()` function of `include/rapidjson/reader.h` when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this triggers the integer overflow vulnerability (when the file is parsed), leading to elevation of privilege.


Note You need to log in before you can comment on or make changes to this bug.