CVE-2024-41881 Information

Description

SDoP versions prior to 1.11 fails to handle appropriately some parameters inside the input data resulting in a stack-based buffer overflow vulnerability. When a user of the affected product is tricked to process a specially crafted XML file arbitrary code may be executed on the user’s environment.

Reference

https://github.com/PhilipHazel/SDoP https://github.com/PhilipHazel/SDoP/commit/ff83d851b4b39ff2fd37ab2ab14365649515b023 https://jvn.jp/en/jp/JVN16420523/