59 matches found
HyperView Geoportal Toolkit 安全漏洞
HyperView Geoportal Toolkit is a Map application in a Web browser from HyperView, Inc. A security vulnerability exists in HyperView Geoportal Toolkit version 8.2.4 and prior versions, which arises from an unrestricted cross-domain request for remote content pointed to by a GET request parameter,...
PT-2024-37636 · Unknown · Hyperview Geoportal Toolkit
Name of the Vulnerable Software and Affected Versions: HyperView Geoportal Toolkit versions prior to 8.5.0 Description: The issue allows an unauthenticated remote attacker to prepare links that, when opened, will load scripts from a remote location controlled by the attacker and execute them in t...
CVE-2022-2949
Altair HyperView Player versions 2021.1.0.27 and prior are vulnerable to the use of uninitialized memory vulnerability during parsing of H3D files. A DWORD is extracted from an uninitialized buffer and, after sign extension, is used as an index into a stack variable to increment a counter leading...
CVE-2022-2951
Altair HyperView Player versions 2021.1.0.27 and prior are vulnerable to improper validation of array index vulnerability during processing of H3D files. A DWORD value from a PoC file is extracted and used as an index to write to a buffer, leading to memory corruption...
CVE-2022-2949
Altair HyperView Player versions 2021.1.0.27 and prior are vulnerable to the use of uninitialized memory vulnerability during parsing of H3D files. A DWORD is extracted from an uninitialized buffer and, after sign extension, is used as an index into a stack variable to increment a counter leading...
CVE-2022-2947
Altair HyperView Player versions 2021.1.0.27 and prior perform operations on a memory buffer but can read from or write to a memory location outside of the intended boundary of the buffer. This hits initially as a read access violation, leading to a memory corruption situation...
CVE-2022-2947
Altair HyperView Player versions 2021.1.0.27 and prior perform operations on a memory buffer but can read from or write to a memory location outside of the intended boundary of the buffer. This hits initially as a read access violation, leading to a memory corruption situation...
CVE-2022-2950
Altair HyperView Player versions 2021.1.0.27 and prior are vulnerable to the use of uninitialized memory vulnerability during parsing of H3D files. A DWORD is extracted from an uninitialized buffer and, after sign extension, is used as an index into a stack variable to increment a counter leading...
CVE-2022-2950
Altair HyperView Player versions 2021.1.0.27 and prior are vulnerable to the use of uninitialized memory vulnerability during parsing of H3D files. A DWORD is extracted from an uninitialized buffer and, after sign extension, is used as an index into a stack variable to increment a counter leading...
CVE-2022-2951
Altair HyperView Player versions 2021.1.0.27 and prior are vulnerable to improper validation of array index vulnerability during processing of H3D files. A DWORD value from a PoC file is extracted and used as an index to write to a buffer, leading to memory corruption...
Memory corruption
Altair HyperView Player versions 2021.1.0.27 and prior are vulnerable to improper validation of array index vulnerability during processing of H3D files. A DWORD value from a PoC file is extracted and used as an index to write to a buffer, leading to memory corruption...
Memory corruption
Altair HyperView Player versions 2021.1.0.27 and prior perform operations on a memory buffer but can read from or write to a memory location outside of the intended boundary of the buffer. This hits initially as a read access violation, leading to a memory corruption situation...
Memory corruption
Altair HyperView Player versions 2021.1.0.27 and prior are vulnerable to the use of uninitialized memory vulnerability during parsing of H3D files. A DWORD is extracted from an uninitialized buffer and, after sign extension, is used as an index into a stack variable to increment a counter leading...
Memory corruption
Altair HyperView Player versions 2021.1.0.27 and prior are vulnerable to the use of uninitialized memory vulnerability during parsing of H3D files. A DWORD is extracted from an uninitialized buffer and, after sign extension, is used as an index into a stack variable to increment a counter leading...
CVE-2022-2947
Altair HyperView Player versions 2021.1.0.27 and prior perform operations on a memory buffer but can read from or write to a memory location outside of the intended boundary of the buffer. This hits initially as a read access violation, leading to a memory corruption situation...
CVE-2022-2947
CVE-2022-2947 affects Altair HyperView Player, specifically versions 2021.1.0.27 and earlier. The root cause is memory-buffer operations that can read or write outside the intended boundary, leading to memory corruption and a read access violation. Additional context from ZDI describes a separate...
CVE-2022-2947
Altair HyperView Player versions 2021.1.0.27 and prior perform operations on a memory buffer but can read from or write to a memory location outside of the intended boundary of the buffer. This hits initially as a read access violation, leading to a memory corruption situation...
CVE-2022-2949
Altair HyperView Player versions 2021.1.0.27 and prior are vulnerable to the use of uninitialized memory vulnerability during parsing of H3D files. A DWORD is extracted from an uninitialized buffer and, after sign extension, is used as an index into a stack variable to increment a counter leading...
CVE-2022-2949
Altair HyperView Player versions 2021.1.0.27 and prior are vulnerable to the use of uninitialized memory vulnerability during parsing of H3D files. A DWORD is extracted from an uninitialized buffer and, after sign extension, is used as an index into a stack variable to increment a counter leading...
CVE-2022-2949
Altair HyperView Player (versions 2021.1.0.27 and earlier) is affected by an uninitialized memory vulnerability in H3D file parsing. A DWORD is read from an uninitialized buffer, sign-extended, and used as an index into a stack variable, causing memory corruption. Some sources (ZDI) also describe...