Heap-based buffer overflow vulnerability in Assimp versions prior to 5.4.2 allows a local attacker to execute arbitrary code by inputting a specially crafted file into the product.
Metrics
Affected Vendors & Products
References
History
Wed, 07 Aug 2024 20:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Assimp
Assimp assimp |
|
Weaknesses | CWE-787 | |
CPEs | cpe:2.3:a:assimp:assimp:*:*:*:*:*:*:*:* | |
Vendors & Products |
Assimp
Assimp assimp |
MITRE
Status: PUBLISHED
Assigner: jpcert
Published: 2024-07-19T07:38:28.057Z
Updated: 2024-08-02T04:33:11.893Z
Reserved: 2024-07-09T06:39:54.634Z
Link: CVE-2024-40724
Vulnrichment
Updated: 2024-07-19T14:55:09.928Z
NVD
Status : Modified
Published: 2024-07-19T08:15:02.070
Modified: 2024-11-21T09:31:29.927
Link: CVE-2024-40724
Redhat
No data.