CVE-2024-1112 HIGH

CVE-2024-1112: Buffer Overflow Vulnerability in Resource Hacker

Vendor Angus Johnson
Product Resource Hacker
Weakness CWE-119
Published January 31, 2024
Last update May 29, 2025

CVSS base score

7.3/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction Required
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

Heap-based buffer overflow vulnerability in Resource Hacker, developed by Angus Johnson, affecting version 3.6.0.92. This vulnerability could allow an attacker to execute arbitrary code via a long filename argument.

Key dates

02Disclosure timeline

January 31, 2024 CVE published
May 29, 2025 Record updated