3 matches found
CVE-2022-2949
Altair HyperView Player versions 2021.1.0.27 and prior are vulnerable to the use of uninitialized memory vulnerability during parsing of H3D files. A DWORD is extracted from an uninitialized buffer and, after sign extension, is used as an index into a stack variable to increment a counter leading...
CVE-2022-2949
Altair HyperView Player (versions 2021.1.0.27 and earlier) is affected by an uninitialized memory vulnerability in H3D file parsing. A DWORD is read from an uninitialized buffer, sign-extended, and used as an index into a stack variable, causing memory corruption. Some sources (ZDI) also describe...
Altair HyperView Player
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Altair Equipment: HyperView Player Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, Use of Uninitialized Resource, Improper Validation of Array Index 2. RISK EVALUATION Successful...