4 matches found
CVE-2022-2947
CVE-2022-2947 affects Altair HyperView Player, specifically versions 2021.1.0.27 and earlier. The root cause is memory-buffer operations that can read or write outside the intended boundary, leading to memory corruption and a read access violation. Additional context from ZDI describes a separate...
CVE-2022-2949
Altair HyperView Player (versions 2021.1.0.27 and earlier) is affected by an uninitialized memory vulnerability in H3D file parsing. A DWORD is read from an uninitialized buffer, sign-extended, and used as an index into a stack variable, causing memory corruption. Some sources (ZDI) also describe...
CVE-2022-2951
Altair HyperView Player (versions 2021.1.0.27 and earlier) is affected by CVE-2022-2951 due to improper validation of an array index when processing H3D files. A DWORD from a PoC is used as an index to write to a buffer, causing memory corruption. Affected product: HyperView Player; root cause: a...
CVE-2022-2950
CVE-2022-2950 affects Altair HyperView Player versions 2021.1.0.27 and earlier. The issue arises from use of uninitialized memory during parsing of H3D files: a DWORD is read from an uninitialized buffer, sign-extended, and used as an index into a stack variable, leading to memory corruption. CVS...