Описание
Substance3D - Painter versions 10.1.0 and earlier are affected by a Write-what-where Condition vulnerability that could lead to a memory leak. This vulnerability allows an attacker to write a controlled value at a controlled memory location, which could result in the disclosure of sensitive memory content. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Ссылки
- Vendor Advisory
Уязвимые конфигурации
EPSS
5.5 Medium
CVSS3
Дефекты
Связанные уязвимости
Substance3D - Painter versions 10.1.0 and earlier are affected by a Write-what-where Condition vulnerability that could lead to a memory leak. This vulnerability allows an attacker to write a controlled value at a controlled memory location, which could result in the disclosure of sensitive memory content. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Уязвимость программы для текстурирования 3D-моделей Adobe Substance 3D Painter, связанная с записью произвольного значения в любое произвольное место и переполнением буфера, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
EPSS
5.5 Medium
CVSS3