ID:10572 - Exploit for Use-after-free in Microsoft products - CVE-2024-43504

CSH
CYBERSECURITY HELP
Sign In REGISTER
 
Main Vulnerability Database Exploits ID:10572 - Exploit for Use-after-free in Microsoft products - CVE-2024-43504

ID:10572 - Exploit for Use-after-free in Microsoft products - CVE-2024-43504

Published: October 10, 2024


Vulnerability identifier: #VU98241
Vulnerability risk: High
CVE-ID: CVE-2024-43504
CWE-ID: CWE-416
Exploitation vector: Remote access
Vulnerable software:
Microsoft Office
Microsoft Excel
Microsoft Office LTSC
Microsoft 365 Apps for Enterprise

Link to public exploit:


Vulnerability description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in Microsoft Excel. A remote attacker can trick a victim to open a specially crafted file and execute arbitrary code on the target system.


Remediation

Install updates from vendor's website.