Datakit Software libraries CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior lack proper validation of user-supplied data when parsing CATPart files. This could result in an out-of-bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process.
Advisories
Source ID Title
EUVD EUVD EUVD-2021-14242 Datakit Software libraries CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior lack proper validation of user-supplied data when parsing CATPart files. This could result in an out-of-bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: icscert

Published:

Updated: 2024-08-03T21:26:08.930Z

Reserved: 2021-02-19T00:00:00

Link: CVE-2021-27488

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-05-27T16:15:08.000

Modified: 2024-11-21T05:58:05.533

Link: CVE-2021-27488

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.