CVE-2024-50986

high

Description

An issue in Clementine v.1.3.1 allows a local attacker to execute arbitrary code via a crafted DLL file.

References

https://www.clementine-player.org/

https://github.com/riftsandroses/CVE-2024-50986/

https://github.com/clementine-player/Clementine

Details

Source: Mitre, NVD

Published: 2024-11-15

Updated: 2024-11-29

Risk Information

CVSS v2

Base Score: 5.9

Vector: CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:C

Severity: Medium

CVSS v3

Base Score: 7.3

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Severity: High