The vulnerability of Adobe Dimension’s 3D design software relates to buffer overflow in the stack, allowing an attacker to execute arbitrary code.

🗓️ 22 Mar 2023 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 1 Views

Adobe Dimension stack buffer overflow vulnerability may allow arbitrary code execution.

Reporter	Title	Published	Views	Family All 14
Tenable Nessus	Adobe Dimension < 3.4.8 Multiple Vulnerabilities (APSB23-20)	16 Mar 202300:00	–	nessus
Tenable Nessus	Adobe Dimension < 3.4.8 Multiple Vulnerabilities (APSB23-20) (macOS)	16 Mar 202300:00	–	nessus
CNNVD	Adobe Dimension 缓冲区错误漏洞	15 Mar 202300:00	–	cnnvd
CNVD	Adobe Dimension Stack Buffer Overflow Vulnerability	17 Mar 202300:00	–	cnvd
CVE	CVE-2023-26337	28 Mar 202300:00	–	cve
Cvelist	CVE-2023-26337 ZDI-CAN-20285: Adobe Dimension USDA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability	28 Mar 202300:00	–	cvelist
EUVD	EUVD-2023-30158	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in Adobe Dimension	16 Mar 202300:00	–	ncsc
NVD	CVE-2023-26337	28 Mar 202320:15	–	nvd
OSV	CVE-2023-26337	28 Mar 202320:15	–	osv

Vulners

Node

adobe_systems dimensionRange≤3.4.7

Source	Link
helpx	www.helpx.adobe.com/security/products/dimension/apsb23-20.html
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-23-303/
web	www.web.nvd.nist.gov/view/vuln/detail
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-23-303/

22 Mar 2023 00:00Current

7.9High risk

Vulners AI Score7.9

CVSS 27.2

CVSS 37.8

EPSS0.00103

Adobe Dimension buffer overflow stack overflow arbitrary code execution