Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Metrics
Affected Vendors & Products
References
History
Tue, 12 Nov 2024 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Adobe
Adobe substance 3d Painter |
|
CPEs | cpe:2.3:a:adobe:substance_3d_painter:*:*:*:*:*:*:*:* | |
Vendors & Products |
Adobe
Adobe substance 3d Painter |
|
Metrics |
ssvc
|
Tue, 12 Nov 2024 20:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |
Title | Substance3D - Painter | Out-of-bounds Read (CWE-125) | |
Weaknesses | CWE-125 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: adobe
Published: 2024-11-12T20:02:30.837Z
Updated: 2024-11-12T20:25:28.776Z
Reserved: 2024-09-24T17:40:22.372Z
Link: CVE-2024-47437
Vulnrichment
Updated: 2024-11-12T20:15:24.648Z
NVD
Status : Analyzed
Published: 2024-11-12T20:15:10.513
Modified: 2024-11-13T19:13:22.913
Link: CVE-2024-47437
Redhat
No data.