Lucene search

K
cnvdChina National Vulnerability DatabaseCNVD-2022-56485
HistoryNov 10, 2021 - 12:00 a.m.

Microsoft 3D Viewer remote code execution vulnerability

2021-11-1000:00:00
China National Vulnerability Database
www.cnvd.org.cn
71

0.038 Low

EPSS

Percentile

91.9%

A code injection vulnerability exists in Microsoft 3D Viewer, a simplified and fast graphics editing application from Microsoft Corporation (USA). The vulnerability stems from the process of constructing code segments from external input data that is not properly filtered by the network system or product for particular elements. An attacker could use this vulnerability to generate an illegal code segment that modifies the expected execution control flow of the network system or component.

CPENameOperatorVersion
Microsoft 3D Viewer <7.eq2107.7012.0