CVE-2024-37284 – Elastic Defend Windows Alt Encoding Crash Vulnerability (Heap Corruption)

January 21, 2025
12:16 pm

CVE ID : CVE-2024-37284

Published : Jan. 21, 2025, 11:15 a.m. | 1 hour, 1 minute ago

Description : Improper handling of alternate encoding occurs when Elastic Defend on Windows systems attempts to scan a file or process encoded as a multibyte character. This leads to an uncaught exception causing Elastic Defend to crash which in turn will prevent it from quarantining the file and/or killing the process.

Severity: 5.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2024-37284 – Elastic Defend Windows Alt Encoding Crash Vulnerability (Heap Corruption)

Elvescore.io

Recent Posts

CVE-2022-49043 – Libxml2 XML XInclude Use-After-Free Vulnerability

CVE-2024-10574 – “Quiz Maker Business, Developer, and Agency WordPress Unauthorized Modification and Cross-Site Scripting Vulnerability”

CVE-2024-10628 – Woocommerce Quiz Maker SQL Injection Vulnerability

CVE-2024-10633 – Quiz Maker Business, Developer, and Agency WordPress Plugin Shortcode Injection Vulnerability

CVE-2024-10636 – Quiz Maker Business/Developer/Agency WordPress Reflected Cross-Site Scripting

CVE-2025-24858 – Develocity Gradle Enterprise Password Hash Exposure

CVE-2024-37284 – Elastic Defend Windows Alt Encoding Crash Vulnerability (Heap Corruption)

CVE-2024-37284 – Elastic Defend Windows Alt Encoding Crash Vulnerability (Heap Corruption)