4 matches found
CVE-2023-25008
CVE-2023-25008 affects Autodesk 3DS Max USD file parsing. The vulnerability stems from an out-of-bounds read when processing crafted USD files in the USD plugin, which could lead to code execution. User interaction is required (opening a malicious USD file). Some references also describe potentia...
CVE-2023-25006
CVE-2023-25006 relates to Autodesk 3ds Max: a vulnerability in USD file parsing that allows a malicious USD file to trigger a use-after-free, enabling code execution. Exploitation requires user interaction (open a malicious file or visit a page) and the flaw resides in how USD objects are validat...
CVE-2023-25007
Autodesk 3DS Max is affected by CVE-2023-25007 through its USD file parsing component. The issue arises from an uninitialized pointer in the USD file handling path, and could allow code execution when a user opens a malicious USD file. Public details describe the vulnerability as occurring during...
CVE-2023-25009
CVE-2023-25009 affects Autodesk 3DS Max via the USD file parser. The issue is an out-of-bounds write in parsing USD files, which can allow remote code execution when a user opens a malicious USD file or is prompted to view one. The vulnerability stems from crafted USD data that causes a write pas...