5 matches found
CVE-2019-5015
Pixar Renderman for macOS is affected by CVE-2019-5015 in the Install Helper, where the Dispatch function’s caller is not checked, allowing a local attacker with access to escalate to root. Affected version: Renderman 22.3.0 for macOS. The Talos advisory (TALOS-2019-0773) states exploitation requ...
CVE-2018-3840
The CVE-2018-3840 issue affects Pixar Renderman IT Display Service 21.6. It stems from improper validation during parsing of a network packet to the IT Display Service, specifically when handling the 0x67 command; data read from the socket may be dereferenced without validation, causing a null po...
CVE-2018-4054
Pixar Renderman for macOS (22.2.0) contains a local privilege escalation in the install helper tool. The vulnerability lies in Dispatch where the caller is not checked, allowing a local user to execute code with root privileges via crafted argv data; the helper runs as root and listens after inst...
CVE-2018-4055
Pixar Renderman for macOS contains a local privilege escalation in the install helper. The Mac version 22.2.0’s install helper Dispatch function does not verify the caller, allowing a local attacker to read any root file from the filesystem. Exploitation requires local access; impact is root-leve...
CVE-2018-3841
Pixar Renderman IT Display Service 21.6 is affected by a denial-of-service vulnerability in the parsing of a network packet, triggered when the service reads data from a socket on port 4001 without proper validation. This can lead to a null pointer dereference and a crash when processing a 0x69 c...