vuln disclosure
CVE-2024-23617: Symantec Data Loss Prevention Stack Buffer Overflow Remote Code ExecutionCVE-2024-23617
A stack-based buffer overflow vulnerability in Symantec Data Loss Prevention for Windows allows unauthenticated remote code execution. Exploitation requires a user to open a crafted document, leading to high impact on confidentiality, integrity, and availability. The vulnerability affects versions up to 14.0.2 and has a CVSS v3.1 base score of 9.6.