exploitDog

CVE-2023-27566

Опубликовано: 03 мар. 2023

Источник: nvd

CVSS3: 7.8

EPSS Низкий

Описание

Cubism Core in Live2D Cubism Editor 4.2.03 allows out-of-bounds write via a crafted Section Offset Table or Count Info Table in an MOC3 file.

Ссылки

https://docs.live2d.com/cubism-editor-manual/updates4/
Release Notes
https://github.com/openl2d/moc3ingbird
Third Party Advisory
https://news.ycombinator.com/item?id=35013098
Issue Tracking
https://undeleted.ronsor.com/live2d-a-security-trainwreck/
Exploit
https://docs.live2d.com/cubism-editor-manual/updates4/
Release Notes
https://github.com/openl2d/moc3ingbird
Third Party Advisory
https://news.ycombinator.com/item?id=35013098
Issue Tracking
https://undeleted.ronsor.com/live2d-a-security-trainwreck/
Exploit

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:live2d:cubism_editor:4.2.03:*:*:*:*:*:*:*

EPSS

Процентиль: 87%

0.03153

Низкий

7.8 High

CVSS3

Дефекты

CWE-787

Связанные уязвимости

GHSA-pgj6-9qgv-5mfq

CVSS3: 7.8

github

почти 3 года назад

Cubism Core in Live2D Cubism Editor 4.2.03 allows out-of-bounds write via a crafted Section Offset Table or Count Info Table in an MOC3 file.

EPSS

Процентиль: 87%

0.03153

Низкий

7.8 High

CVSS3

Дефекты

CWE-787