The vulnerability of the implementation of the ColladaParser::ExtractDataObjectFromChannel() function in the Open Asset Import Library (Assimp) library allows a malicious actor to obtain unauthorized access to confidential information.

The vulnerability of the ColladaParser::ExtractDataObjectFromChannel function in the Open Asset Import Library Assimp import library is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to gain unauthorized access to confidential information...

SUSE CVE-2022-45748

An issue was discovered with assimp 5.1.4, a use after free occurred in function ColladaParser::ExtractDataObjectFromChannel in file /code/AssetLib/Collada/ColladaParser.cpp...

DEBIAN-CVE-2022-45748

An issue was discovered with assimp 5.1.4, a use after free occurred in function ColladaParser::ExtractDataObjectFromChannel in file /code/AssetLib/Collada/ColladaParser.cpp...

PYSEC-2023-290

An issue was discovered with assimp 5.1.4, a use after free occurred in function ColladaParser::ExtractDataObjectFromChannel in file /code/AssetLib/Collada/ColladaParser.cpp...

UBUNTU-CVE-2022-45748

An issue was discovered with assimp 5.1.4, a use after free occurred in function ColladaParser::ExtractDataObjectFromChannel in file /code/AssetLib/Collada/ColladaParser.cpp...

PT-2023-9306 · Assimp +2 · Assimp +2

Name of the Vulnerable Software and Affected Versions: assimp version 5.1.4 Description: A use after free issue occurred in the ColladaParser::ExtractDataObjectFromChannel function, located in the /code/AssetLib/Collada/ColladaParser.cpp file. This issue is related to the implementation of the...

CVE-2022-45748

An issue was discovered with assimp 5.1.4, a use after free occurred in function ColladaParser::ExtractDataObjectFromChannel in file /code/AssetLib/Collada/ColladaParser.cpp...

assimp 资源管理错误漏洞

assimp is assimp open source a library . It is used to import and export various 3D model formats. assimp version 5.1.4 security vulnerability , the vulnerability stems from the file /code/AssetLib/Collada/ColladaParser.cpp in the function ColladaParser::ExtractDataObjectFromChannel there is a...

Apple OS X Scene Kit DAE XML Code Execution Vulnerability

SUMMARY An exploitable type confusion vulnerability exists in the handling of DAE images on OS X. A crafted DAE document can trigger a type confusion vulnerability which potentially could be exploited to achieve attacker controlled code execution. Vulnerability can be triggered via a saved DAE fi...

Photo Collada collage maker - Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Photo Collada collage maker published at the 'play' market has multiple vulnerabilities...

Apple qlmanage - SceneKit::daeElement::setElementName Heap Overflow

Source: https://code.google.com/p/google-security-research/issues/detail?id=467 There is a heap overflow in daeElement::setElementName. The vulnerable method uses a fixed size 128 bytes heap-allocated buffer to copy the name of an arbitrary element. By setting the name of the element to something...

Apple qlmanage - SceneKit::daeElement::setElementName Heap Overflow

Apple qlmanage - SceneKit::daeElement::setElementName Heap Overflow Source: https://code.google.com/p/google-security-research/issues/detail?id=467 There is a heap overflow in daeElement::setElementName. The vulnerable method uses a fixed size 128 bytes heap-allocated buffer to copy the name of a...

The vulnerability of the Mac OS X operating system, which allows a hacker to execute arbitrary code

The vulnerability of the SceneKit component in the Mac OS X operating system arises due to buffer overflow. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted Collada file...

Apple OS X SceneKit Heap Overflow Vulnerability

Apple OS X is a BSD-based operating system distributed by Apple. A heap overflow vulnerability in Apple OS X SceneKit's handling of special Collada files allows an attacker to construct a malicious file and trick a user into parsing it, which could crash an application or execute arbitrary code...

CVE-2015-5772

Heap-based buffer overflow in SceneKit in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code via a crafted Collada file...

Heap overflow

Heap-based buffer overflow in SceneKit in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code via a crafted Collada file...

CVE-2015-5772

Heap-based buffer overflow in SceneKit in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code via a crafted Collada file...

CVE-2014-8830

Heap-based buffer overflow in SceneKit in Apple OS X before 10.10.2 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted accessor element in a Collada file...

Heap overflow

Heap-based buffer overflow in SceneKit in Apple OS X before 10.10.2 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted accessor element in a Collada file...

CVE-2014-8830

Heap-based buffer overflow in SceneKit in Apple OS X before 10.10.2 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted accessor element in a Collada file...