When loading a specially crafted file, the application, while processing the extraction of temporary files, suffers from a directory traversal vulnerability, which allows an attacker to store arbitrary scripts into automatic startup folders.ĬVE-2021-22651 has been assigned to this vulnerability. 4.2.5 IMPROPER LIMITATION OF A PATHNAME TO A RESTRICTED DIRECTORY (‘PATH TRAVERSAL’) CWE-22 A CVSS v3 base score of 7.8 has been calculated the CVSS vector string is ( AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H). The affected product has multiple NULL pointer dereference issues while processing project files, which may allow an attacker to execute arbitrary code.ĬVE-2021-22649 has been assigned to this vulnerability. 4.2.4 UNTRUSTED POINTER DEREFERENCE CWE-822 dll entry point can be executed without sufficient UI warning.ĬVE-2021-22645 has been assigned to this vulnerability. bip documents display a “load” command, which can be pointed to a. The affected product is vulnerable to an attack because the. 4.2.3 INSUFFICIENT UI WARNING OF DANGEROUS OPERATIONS CWE-357 The affected product is vulnerable to an out-of-bounds read while processing project files, which may allow an attacker to execute arbitrary code.ĬVE-2021-22643 has been assigned to this vulnerability. The affected product is vulnerable to multiple out-of-bounds write issues while processing project files, which may allow an attacker to execute arbitrary code.ĬVE-2021-22647 has been assigned to this vulnerability. KeyShot Network Rendering versions prior to 10.1Ĥ.2 VULNERABILITY OVERVIEW 4.2.1 OUT-OF-BOUNDS WRITE CWE-787. The following versions of Luxion software, 3D rendering and animation software, are affected: Successful exploitation of these vulnerabilities could allow arbitrary code execution, the storing of arbitrary scripts into automatic startup folders, and the attacking of products without sufficient UI warning. This updated advisory is a follow-up to the original advisory titled ICSA-21-035-01 Luxion KeyShot that was published February 4, 2021, on the ICS webpage on. Vulnerabilities: Out-of-bounds Write, Out-of-bounds Read, Insufficient UI Warning of Dangerous Operations, Untrusted Pointer Dereference, Path Traversal.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |