PT-2020-13574 · Pixar · Pixar Openusd

Name of the Vulnerable Software and Affected Versions: Pixar OpenUSD version 20.05 Description: An issue exists in the way Pixar OpenUSD handles certain encoded types, allowing an arbitrary out of bounds memory access in String Type Index. This can be triggered by a specially crafted malformed...

Pixar OpenUSD Binary File Format Compressed Value Reps Code Execution Vulnerabilities

Summary A heap overflow vulnerability exists in the Pixar OpenUSD 20.05 while parsing compressed value rep arrays in binary USD files. A specially crafted malformed file can trigger a heap overflow, which can result in remote code execution. To trigger this vulnerability, the victim needs to acce...