2 matches found
CVE-2021-44046
The CVE-2021-44046 entry corresponds to an out-of-bounds write vulnerability in Open Design Alliance’s PRC SDK (pre-2022.11) triggered by parsing U3D files, caused by an unchecked return value while verifying U3D data. Public connected sources identify exploitation against affected components suc...
CVE-2021-43581
Open Design Alliance PRC SDK (and related ODAViewer components handling U3D) is affected by an Out-of-Bounds Read in the U3D file parser. The root cause is the incorrect use of the LibJpeg source manager inside the U3D library, with crafted U3D data triggering a read past the end of an allocated ...