CVE-2024-11495

7.5 HIGH

📋 TL;DR

OllyDbg 1.10 contains a buffer overflow caused by missing bounds checking that lets a local attacker execute arbitrary code. The code runs with the privileges of whoever launched the debugger; on reverse-engineering and malware-analysis workstations that is frequently an administrator, so a successful exploit can mean full compromise of the host. Keep in mind that a debugger's normal workload is untrusted code, so "local" should not be read as "trusted user".

💻 Affected Systems

Products:
  • OllyDbg
Versions: Version 1.10
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: The advisory names only OllyDbg 1.10. The later 2.x branch is not listed as affected, but the advisory does not state that it is unaffected either.

📦 What is this software?

OllyDbg is a free 32-bit, assembler-level debugger for Windows, widely used for reverse engineering, malware analysis and anti-tamper work. Version 1.10 dates from 2004, is still widely circulated as a zip archive that is simply unpacked rather than installed, and loads plugins as DLLs from its own directory.
⚠️ Risk & Real-World Impact

🔴

Worst Case

Code execution as the user running OllyDbg; where that user is an administrator (common on analysis workstations), full system compromise, theft of samples, credentials and analysis notes, or installation of persistent malware.

🟠

Likely Case

Local attacker gains code execution with the privileges of the user running OllyDbg, potentially leading to lateral movement within the network.

🟢

If Mitigated

Limited impact if OllyDbg is run under a non-admin account inside an isolated, disposable analysis environment with no access to production credentials or networks.

🌐 Internet-Facing: LOW - This is a local vulnerability requiring access to the system where OllyDbg is installed.
🏢 Internal Only: MEDIUM - Internal attackers with local access could exploit this, particularly on developer or security analysis workstations.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local access to a system running OllyDbg 1.10, the ability to get the debugger to process the input that triggers the overflow, and standard buffer-overflow exploitation skills. Note that OLLYDBG.EXE 1.10 is a 2004-era 32-bit build that predates the DYNAMIC_BASE and NX_COMPAT PE flags, so the process will not opt in to ASLR or DEP on its own; those mitigations apply only if the OS enforces them system-wide (for example via Exploit Protection or an AlwaysOn DEP policy).

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not available

Vendor Advisory: https://www.incibe.es/en/incibe-cert/notices/aviso/buffer-overflow-ollydbg

Restart Required: No

Instructions:

No official patch is available; OllyDbg 1.10 was released in 2004 and is no longer maintained, so none should be expected. Treat retirement as the fix: migrate analysts to a maintained debugger, or at minimum to a release the advisory does not list as affected (it names only 1.10), and remove every copy of the 1.10 binary.

🔧 Temporary Workarounds

Remove or Replace OllyDbg

windows

Uninstall OllyDbg 1.10 and replace it with a maintained debugger.

Control Panel > Programs > Uninstall a program > Select OllyDbg > Uninstall (only applies if it was deployed with an installer). OllyDbg 1.10 is usually distributed as a zip archive with no installer, so it often has no Control Panel entry; in that case delete the extracted folder, including OLLYDBG.EXE and any plugin DLLs next to it, and check user Desktops, tool directories and removable media for additional copies.

Restrict Execution

windows

Use application control (AppLocker or Windows Defender Application Control) to block OLLYDBG.EXE. The 1.10 binary is not Authenticode-signed, so a publisher rule is not an option; prefer a file-hash rule over a path rule, because renaming or moving the executable defeats a path rule.

🧯 If You Can't Patch

  • Run OllyDbg under a non-admin account, ideally inside a disposable analysis VM that is reverted after each session
  • Isolate systems running OllyDbg from critical network segments and keep production credentials off them

🔍 How to Verify

Check if Vulnerable:

OllyDbg 1.10 is normally unpacked from a zip rather than installed, so the executable (OLLYDBG.EXE) can sit in any folder. Locate every copy, then confirm the version via Help > About in the running program or via the Details tab of the file's Properties dialog. Help > About is the authoritative check if the file carries no version resource.

Check Version:

wmic product where name="OllyDbg" get version

Note: wmic product only enumerates software registered with Windows Installer (MSI) and wmic itself is deprecated in current Windows releases, so this command will not find an unzipped OllyDbg 1.10. Search the file system for OLLYDBG.EXE instead.

Verify Fix Applied:

Verify that no copy of OLLYDBG.EXE version 1.10 remains anywhere on the system (file-system search, not just the Control Panel list) and that the application-control rule blocks it if a copy is reintroduced.
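Because the wmic check above only sees software registered with Windows Installer, a practical inventory has to look for the executable itself. The following PowerShell script is an added example, not part of the advisory or of OllyDbg: it searches every fixed drive for ollydbg.exe, reports the file's version resource and SHA-256, and reads the PE header's DllCharacteristics to show whether the binary opts in to ASLR and DEP. The file name and the "1.10" version-string match are assumptions about how the tool is normally deployed; a copy with no version resource is flagged for manual review via Help > About rather than passed silently.

```powershell
# Added example for CVE-2024-11495 triage; not code from the advisory or from OllyDbg.
# Assumptions: the binary is named ollydbg.exe and an affected copy reports a
# FileVersion beginning with "1.10" (a file with no version resource is flagged for review).

function Get-PeMitigationFlags {
    # Read IMAGE_OPTIONAL_HEADER.DllCharacteristics straight from the file to see
    # whether the image opts in to ASLR (DYNAMIC_BASE) and DEP (NX_COMPAT).
    # Layout: e_lfanew at 0x3C; "PE\0\0" at e_lfanew; the optional header starts
    # 24 bytes after that; DllCharacteristics is at optional-header offset 70 for
    # both PE32 and PE32+.
    param([string]$Path)
    $b = [System.IO.File]::ReadAllBytes($Path)
    if ($b.Length -lt 0x40 -or $b[0] -ne 0x4D -or $b[1] -ne 0x5A) { return $null }   # not "MZ"
    $pe = [BitConverter]::ToInt32($b, 0x3C)
    if ($pe -lt 0 -or ($pe + 24 + 72) -gt $b.Length) { return $null }
    if ([BitConverter]::ToUInt32($b, $pe) -ne 0x00004550) { return $null }           # not "PE\0\0"
    $dllChar = [BitConverter]::ToUInt16($b, $pe + 24 + 70)
    [pscustomobject]@{
        ASLR = [bool]($dllChar -band 0x0040)   # IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
        DEP  = [bool]($dllChar -band 0x0100)   # IMAGE_DLLCHARACTERISTICS_NX_COMPAT
    }
}

function Find-OllyDbg {
    # Fixed drives only (DriveType 3); the unzipped tool can sit anywhere on them.
    $roots = Get-CimInstance Win32_LogicalDisk -Filter 'DriveType=3' | ForEach-Object { $_.DeviceID + '\' }
    foreach ($root in $roots) {
        Get-ChildItem -Path $root -Filter 'ollydbg.exe' -File -Recurse -Force -ErrorAction SilentlyContinue |
        ForEach-Object {
            $vi    = $_.VersionInfo
            $flags = Get-PeMitigationFlags -Path $_.FullName
            $aslr  = 'n/a'; $dep = 'n/a'
            if ($null -ne $flags) { $aslr = $flags.ASLR; $dep = $flags.DEP }

            if (-not $vi.FileVersion)              { $status = 'REVIEW: no version resource, check Help > About' }
            elseif ($vi.FileVersion -like '1.10*') { $status = 'VULNERABLE: CVE-2024-11495' }
            else                                   { $status = 'other version, compare against advisory' }

            [pscustomobject]@{
                Path        = $_.FullName
                FileVersion = $vi.FileVersion
                SHA256      = (Get-FileHash -Path $_.FullName -Algorithm SHA256).Hash
                ASLR        = $aslr
                DEP         = $dep
                Status      = $status
            }
        }
    }
}

Find-OllyDbg | Format-Table -AutoSize
```

Run it from an elevated prompt so every user profile is readable. Keep the SHA-256 values it prints: they are the input for a hash-based AppLocker rule and for hash-based detection, both of which survive a renamed or relocated copy where a path rule does not.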

📡 Detection & Monitoring

Log Indicators:

  • Process creation events for OLLYDBG.EXE (Security event 4688 or Sysmon Event ID 1), especially from unexpected users or parent processes
  • Application crash events for OLLYDBG.EXE (Application log, Event ID 1000, or Windows Error Reporting), which can indicate failed exploitation attempts

Network Indicators:

  • Unusual outbound connections from systems known to run OllyDbg

SIEM Query:

ProcessName="OllyDbg.exe" AND Version="1.10"

The query above is schematic. Windows Security event 4688 records the process path (NewProcessName) but no version; Sysmon Event ID 1 records both Image and FileVersion, so a concrete rule is: EventID=1 AND Image ends with \ollydbg.exe AND (FileVersion starts with "1.10" OR FileVersion is empty). Match on file hash as well where your SIEM has it (Sysmon's Hashes field), since a renamed copy defeats a name rule.
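As an added example (not from the advisory or from OllyDbg), the PowerShell function below turns that rule into a query against the local Sysmon operational log. It assumes Sysmon is installed with process-creation logging enabled and reads EventData fields by name (Image, FileVersion, Hashes, User, CommandLine, ParentImage), which are Sysmon's own field names; the optional list of known-bad SHA-256 hashes is assumed to come from your own inventory of OLLYDBG.EXE copies.

```powershell
# Added example for CVE-2024-11495 detection; not code from the advisory or from OllyDbg.
# Assumes Sysmon is installed with process-creation (Event ID 1) logging. Field names
# (Image, FileVersion, Hashes, User, CommandLine, ParentImage) are Sysmon's own; the
# list of known-bad SHA-256 values is assumed to come from your inventory of OLLYDBG.EXE.

function Get-OllyDbgLaunches {
    param(
        [datetime]$Since = (Get-Date).AddDays(-7),
        [string[]]$KnownHashes = @()      # SHA-256 of inventoried OLLYDBG.EXE 1.10 copies
    )
    $filter = @{ LogName = 'Microsoft-Windows-Sysmon/Operational'; Id = 1; StartTime = $Since }
    Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue | ForEach-Object {
        # Pull EventData by field name; Properties[] indexes shift between Sysmon versions.
        $xml = [xml]$_.ToXml()
        $d = @{}
        foreach ($n in $xml.Event.EventData.Data) { $d[$n.Name] = $n.'#text' }

        $sha256 = $null
        if ($d['Hashes'] -match 'SHA256=([0-9A-Fa-f]{64})') { $sha256 = $Matches[1].ToUpper() }

        $byName = [bool]($d['Image'] -match '\\ollydbg\.exe$')        # -match is case-insensitive
        $byHash = [bool]($sha256 -and ($KnownHashes -contains $sha256))
        if (-not ($byName -or $byHash)) { return }                     # not our process, next event

        if ($byHash)                                                  { $reason = 'known-bad hash' }
        elseif ($d['FileVersion'] -like '1.10*')                      { $reason = 'name + version 1.10' }
        elseif (-not $d['FileVersion'] -or $d['FileVersion'] -eq '-') { $reason = 'name only, no version info (review)' }
        else                                                          { $reason = 'name only, other version' }

        [pscustomobject]@{
            Time        = $_.TimeCreated
            Host        = $_.MachineName
            User        = $d['User']
            Image       = $d['Image']
            FileVersion = $d['FileVersion']
            SHA256      = $sha256
            ParentImage = $d['ParentImage']
            CommandLine = $d['CommandLine']
            Reason      = $reason
        }
    }
}

# Example run: last 30 days; pass -KnownHashes to also catch a renamed copy by hash.
Get-OllyDbgLaunches -Since (Get-Date).AddDays(-30) | Sort-Object Time | Format-Table -AutoSize
```

The same logic ports directly to a SIEM rule: alert on the name-plus-version and hash conditions, and route the "name only, no version info" case to review rather than dropping it, because a binary without a version resource is exactly what a plain name rule would otherwise miss.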

🔗 References

  • INCIBE-CERT advisory: https://www.incibe.es/en/incibe-cert/notices/aviso/buffer-overflow-ollydbg
  • NVD entry: https://nvd.nist.gov/vuln/detail/CVE-2024-11495
