Substance3D - Stager versions 3.0.3 and earlier are affected by a Write-what-where Condition vulnerability that could allow an attacker to execute arbitrary code in the context of the current user. This vulnerability allows an attacker to write a controlled value to an arbitrary memory location, potentially leading to code execution. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Substance3D - Stager versions 3.0.3 and earlier are affected by a Write-what-where Condition vulnerability that could allow an attacker to execute arbitrary code in the context of the current user. This vulnerability allows an attacker to write a controlled value to an arbitrary memory location, potentially leading to code execution. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Уязвимость программного обеспечения для 3D-дизайна Substance 3D Stager, связанная с записью произвольного значения в любое произвольное место и переполнением буфера, позволяющая нарушителю выполнить произвольный код