31 matches found
PT-2026-36803
Name of the Vulnerable Software and Affected Versions Assimp versions prior to 6.0.3 Description A buffer overflow exists in the FBX Importer. The issue occurs within the aiMaterial::AddBinaryProperty function, where a property key string from a specially crafted FBX file is copied into a...
Assimp 安全漏洞
Assimp is an open-source library developed by Assimp. It is used for importing and exporting various 3D model formats. Versions of Assimp 6.0.2 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the FBX importer’s aiMaterial::AddBinaryProperty function, which copie...
EUVD-2025-209616
Buffer Overflow vulnerability exists in Assimp versions up to 6.0.2 in the FBX Importer. The vulnerability occurs in aiMaterial::AddBinaryProperty, where a property key string from a crafted FBX file is copied into a fixed-size heap buffer using strcpy without runtime length validation...
CVE-2021-27031
A user may be tricked into opening a malicious FBX file which may exploit a use-after-free vulnerability in FBX's Review causing the application to reference a memory location controlled by an unauthorized third party, thereby running arbitrary code on the system...
OSV-2025-965 Stack-use-after-scope in Assimp::FBX::FBXExportProperty::FBXExportProperty
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=465494996 Crash type: Stack-use-after-scope READ 1 Crash state: Assimp::FBX::FBXExportProperty::FBXExportProperty Assimp::FBX::FBXExportProperty std::1::vectorAssimp::FBX::FBXExportProperty, Assimp::FBXExporter::WriteObjects...
EUVD-2015-7924
Malware in sbrugna...
CVE-2020-6358
SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated FBX file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation...
CVE-2015-8029
SAP 3D Visual Enterprise Viewer VEV allows remote attackers to execute arbitrary code via a crafted Filmbox document, which triggers memory corruption...
CVE-2024-20677
A security vulnerability exists in FBX that could lead to remote code execution. To mitigate this vulnerability, the ability to insert FBX files has been disabled in Word, Excel, PowerPoint and Outlook for Windows and Mac. Versions of Office that had this feature enabled will no longer have acces...
The vulnerability of the Microsoft Office software package, related to insufficient validation of input data, allows a hacker to execute arbitrary code.
The vulnerability of the Microsoft Office package is related to insufficient validation of input data during the processing of FBX files. Exploiting this vulnerability allows an attacker to execute arbitrary code...
The vulnerability relates to the set of tools and libraries used for creating, importing, and exporting 3D models with the Autodesk FBX SDK. It stems from writing beyond buffer boundaries in memory, allowing an attacker to execute arbitrary code.
The vulnerability of the tools and libraries used for creating, importing, and exporting 3D models in the Autodesk FBX SDK is related to writing data beyond buffer boundaries in memory. Exploiting this vulnerability can allow attackers to execute arbitrary code...
The vulnerability relates to the set of tools and libraries used for creating, importing, and exporting 3D models with the Autodesk FBX SDK. It stems from the use of memory after it is freed, allowing an attacker to execute arbitrary code.
The vulnerability of the tools and libraries used for creating, importing, and exporting 3D models in the Autodesk FBX SDK is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially created FBX file...
PT-2023-35831 · Assimp · Assimp
Name of the Vulnerable Software and Affected Versions: Assimp affected versions not specified Description: The issue is related to an Invalid-free crash type. It involves the Assimp::FBX::Scope::Scope and Assimp::FBX::Element::Element functions. No information is provided about the estimated numb...
Autodesk FBX-SDK 缓冲区错误漏洞
Autodesk FBX-SDK is a C++ software development platform and API toolkit from Autodesk, Inc. that is primarily used to convert existing content to FBX format. A security vulnerability exists in Autodesk FBX-SDK version 2020 and prior versions, which can be exploited by an attacker to trick a user...
PT-2023-14278 · Bentley · Bentley View
Name of the Vulnerable Software and Affected Versions: Bentley View affected versions not specified Description: This issue allows remote attackers to disclose sensitive information on affected installations of Bentley View. It requires user interaction, where the target must visit a malicious pa...
Autodesk Moldflow 缓冲区错误漏洞
Autodesk Moldflow is a software simulation from the American company Autodesk. It can show how the resin fills the mold during the injection molding process. A security vulnerability exists in Autodesk Moldflow version 2021, 2019 that originates from a maliciously crafted used through the Moldflo...
CVE-2022-35905
An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open an FBX file containing crafted data can force an out-of-bounds read. Exploitation of these vulnerabilities within...
CVE-2022-35905
An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open an FBX file containing crafted data can force an out-of-bounds read. Exploitation of these vulnerabilities within...
CVE-2021-46630
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...
SAP 3D Visual Enterprise Viewer Input Validation Error Vulnerability (CNVD-2020-53171)
SAP 3D Visual Enterprise Viewer is a free 3D visualization viewer for Windows. An input validation error vulnerability exists in SAP 3D Visual Enterprise Viewer 9, which can be exploited by an attacker to cause an application crash via a specially crafted FBX file...